Skip to main content

Setting up Auth0

Auth0 is an authentication and authorization platform.

You can configure Auth0 as an identity provider (IdP) for use with Qlik Sense Enterprise on Kubernetes (QSEoK) and Qlik Sense Enterprise on Windows (QSEfW).

Creating an Auth0 application and connection for QCS or QSEoK for interactive logins

Create an Auth0 application, and connect it to an Auth0 database connection.

An Auth0 application allows an application, (QSEfW/QCS/QSEoK), to use Auth0 for authentication. An Auth0 connection is a source of users, in this example, a database that you populate with users.

We assume that you have an Auth0 account and tenant created.

Note: The following procedures are examples. Please review the Auth0 documentation for more information and latest instructions.

Creating a new application in Auth0

Do the following:

  1. In the left menu in Auth0, open Applications.

  2. Click Create application.

  3. Give the application a name, select Single Page Web Applications and click Create.

  4. Optionally, select your web app technology.

  5. Select Settings.

  6. In the box Allowed Callback URLs, add the URL to your host in the format https://<host>/login/callback/.

  7. Scroll down and click Save changes.

  8. Note down the Client ID value.

  9. Note down the Client Secret value.

  10. Scroll to the bottom and select Advanced Settings.

  11. Select the Endpoints tab.

  12. Note down the OpenID configuration URL for later.

Creating a database connection in Auth0

You will now create a database connection and configure your application to use this connection.

Do the following:

  1. In the left menu, select Connections > Database.

  2. Fill in a name for the database connection and click Create.

  3. In the left menu, select Applications.

  4. Open the tab Connections.

  5. Enable the new database connection for your application.

Creating a new user (optional)

Do the following:

  1. In the left menu, select Users.

  2. Click Create your first user.

  3. Fill in the fields and select the newly created connection.

Creating an Auth0 API and application for programmatic access

Begin by creating the API.

You set up programmatic access so that you can distribute content into Qlik Cloud Services (QCS) or QSEoK.

In Auth0, you will create a new API. In this case, the Auth0 API represents the protected QSEoK resource API. In OAuth terms, you configure Auth0 for the Client Credentials Grant flow.

Begin by creating a new API for your application.

Do the following:

  1. In the left menu, select APIs.

  2. Click Create API.

  3. Enter an API name.

  4. For Identifier, enter qlik.api.

  5. Click Create.

  6. Go to the Scopes tab.

  7. Add a new scope with the value any in the name and description and click Add.

Just like you created an Auth0 application for interactive logins above, you will now create an Auth0 application for programmatic authentication.

Do the following:

  1. In the left menu, select Applications.

  2. Click Create Application.

  3. Select Machine to Machine Applications.

  4. Click Create.

  5. Select the API created above.

  6. In the Scopes box, select any.

  7. Click Authorize.

  8. Select the Settings tab. In the Allowed Web Origins box, add the URL to your deployment.

  9. Note down the Client ID value.

  10. Note down the Client secret value.

  11. Scroll to the bottom and select Advanced Settings.

  12. Click the Endpoints tab.

  13. Note down the OAuth Token URL value.

    This value together with client ID and client secret will be used in the configuration of QSE for Windows when adding a deployment.

  14. In the left menu, select APIs and open your new API. Select the Machine to Machine Applications tab.

  15. Verify that your new application has access to your new Auth0 API.