This API is reliable and breaking changes are unlikely.
Path
/qps/{virtual proxy/}ticket
Method
POST
Description
Use JSON in the following format in the HTTP body:
{
"UserDirectory": "userDirectory",
"UserId": "uniqueUserId", [unique per user directory]
"Attributes":
[ { "<Attribute1>": "value1a" },
{ "<Attribute1>": "value1b" }, [attributes are not unique]
{ "<Attribute2>": "" }, [value can be empty]
{ "<Attribute3>": "value3" },
...
], [optional]
"TargetId": "targetId" [from query string, optional]
}
The UserDirectory and UserId strings cannot consist solely of whitespace and any whitespace is trimmed from the start and end of the strings. In addition, backslash (\) is not allowed in the strings.
This returns a JSON object containing the same UserId and an authentication ticket (Ticket):
{
"UserDirectory": "userDirectory",
"UserId": "uniqueUserId",
"Attributes":
[ { "<Attribute1>": "value1a" },
{ "<Attribute1>": "value1b" }, [attributes are not unique]
{ "<Attribute2>": "" }, [value can be empty]
{ "<Attribute3>": "value3" },
...
], [optional]
"Ticket": "<ticketId>",
"TargetUri": "targetUri" [corresponding to targetId, optional]
}
The ticket is sent back to the client and used when the client is redirected back to the proxy after authentication by the module. The user information and ticket are valid for one minute, after which they are deleted by the proxy. Any attributes posted along with the user ID are injected as X-Qlik-Security headers.
The UserDirectory field refers to the directory where more information about the user can be retrieved by the Qlik Sense Repository Service (QRS) via a User Directory Connector.