Skip to main content Skip to complementary content
Qlik Resources
Announcements
Loading SearchUnify's search If you need assistance with your product, please contact Qlik Support.
Qlik Customer Portal
Loading SearchUnify's search If you need assistance with your product, please contact Qlik Support.
Qlik Customer Portal

Setting up Qlik Cloud access

Before deploying to Qlik Cloud, the tenant administrator must enable API key generation and assign the correct roles to the user account.

Enabling API key access

Do the following:

  1. In the Management Console, go to Authorization > Roles.
  2. Create a custom role (for example, API Key Manager).
  3. Expand Features and Actions > Developer and set Manage API keys to Allowed.
  4. Save the role.
  5. Go to Users and assign the role to users who need API access.
  6. If users have the deprecated Developer role, remove the role.

After the role is assigned, each user can generate an API key.

To generate an API key, go to Profile > API keys and click Generate new key. Copy and store the key securely. The key is displayed only once.

Enabling app creation in personal spaces

To create apps in the personal space, the Private Analytics Content Creator role is required.

Do the following:

  1. In the Management Console, go to Users.
  2. Assign the Private Analytics Content Creator role to the user.

When deploying to a shared space instead of a personal space, the user must have the Can edit permission on the target space.

Inline authentication

When both --qlikTenantUrl and --qlikApiKey are provided (or the equivalent environment variables QV2QS_QLIK_TENANT_URL and QV2QS_QLIK_API_KEY), QV2QS authenticates directly without creating or reading a qlik-cli context file. The API key is injected as a bearer token into every qlik-cli call and is not written to disk.

This approach is recommended for:

  • CI/CD pipelines where pre-creating a context adds an extra step.
  • Multi-tenant automation where multiple concurrent invocations target different tenants. Each process carries its own credentials in memory, so there are no shared context files to conflict.
  • Partner integrations that call QV2QS programmatically with varying credentials per request.
QV2QS.exe --generatePrj --qvw Sales.qvw --outputDir ./output ^
  --qlikTenantUrl https://my-tenant.us.qlikcloud.com ^
  --qlikApiKey eyJhbG... ^
  --qsAppName "Sales" --autoBinary --reload --plain
Information note

The --setupQlikAuth flag is not required when both --qlikTenantUrl and --qlikApiKey are provided.

Learn more

Visit the discussion forum at community.qlik.com

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – please let us know!

Leave your feedback here