Security rules example: Qlik Sense Mobile Client Managed offline access to apps by user attributes
In this example, you create offline access rights to a specific app by using the user attributes that are retrieved from ticket authentication or session and SAML attributes.
How to add a ticket: Add ticket
How ticket attributes are sent: X-Qlik-Security header
Procedure
Do the following:
-
Select Security rules and click
Create new. -
The resource filter for the rule should be set to filter on a apps.
In the Basic section, fill in the Resource filter field with text as per Security rule code.
-
You now need to set the conditions to specify the users that the rule applies to.
In the Advanced section, fill in the Conditions field with text as per Security rule code.
-
Set the actions that the rule should provide.
In the Basic section, select Actions as per Security rule code.
-
Type a name for the security rule in the Name field.
-
Click Apply.
You have now created access to a specific stream based on ticket authentication user attributes.
Security rule code
The following is the security rule code for this example, with explanatory comments.
| Field | Code | Comments |
|---|---|---|
| Resource filter | App_* |
Specifically filters on the resource type App. |
| Conditions | resource.resourcetype="App_*" and (user.environment.<Attribute1>="<Value1a>") |
resource.resourcetype="App_*" The rule applies to apps. (user.environment.<Attribute1>="<Value1a>") The rule applies to the users where the attribute equals the value. |
| Actions | read |
Read actions will be granted provided that the conditions are met. |