Skip to main content Skip to complementary content

Connecting to the QPS API using certificates

This code example shows how to connect to the Qlik Sense Proxy Service (QPS) API using certificates. The code is written in C#, but other technologies can be used.

Information noteBefore using this code, a copy of the Qlik Sense client certificate must be installed on the machine that is to execute the code.
Tip noteWhen writing production code, make sure to enhance this example to include error handling and additional features such as optional parameters.

The first section of the code is a class that contains all the items required to connect:

using System;
using System.Collections.Generic;
using System.Text;
using System.Threading.Tasks;
using System.IO;
using System.Linq;
using System.Net;
using System.Security.Cryptography.X509Certificates;

namespace TicketExample
    class TicketExampleCertificate

        private X509Certificate2 certificate_ { get; set; }

        public TicketExampleCertificate()
            // First locate the Qlik Sense client certificate
            X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
            certificate_ = store.Certificates.Cast<X509Certificate2>().FirstOrDefault(c => c.FriendlyName == "QlikClient");
            ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };

        public string TicketRequest(string method, string server, string user, string userdirectory)
            //Create URL to REST endpoint for tickets
            string url = "https://" + server + ":4243/qps/ticket";
            //Create the HTTP Request and add required headers and content in Xrfkey
            string Xrfkey = "0123456789abcdef";
            HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url + "?Xrfkey=" + Xrfkey);
            // Add the method to authentication the user
            request.Method = method;
            request.Accept = "application/json";
            request.Headers.Add("X-Qlik-Xrfkey", Xrfkey);
            string body = "{ 'UserId':'" + user + "','UserDirectory':'" + userdirectory + "','Attributes': []}";
            byte[] bodyBytes = Encoding.UTF8.GetBytes(body);

            if (!string.IsNullOrEmpty(body))
                request.ContentType = "application/json";
                request.ContentLength = bodyBytes.Length;
                Stream requestStream = request.GetRequestStream();
                requestStream.Write(bodyBytes, 0, bodyBytes.Length);

            // make the web request and return the content
            HttpWebResponse response = (HttpWebResponse)request.GetResponse();
            Stream stream = response.GetResponseStream();
            return stream != null ? new StreamReader(stream).ReadToEnd() : string.Empty;

To use the class created above, execute the following code. Since certificates are used, the communication is made against the QPS URL. In this example, the proxy calls the path to the ticket request of the Authentication API, which returns a ticket for a user in a user directory.

TicketExampleCertificate ticketexample = new TicketExampleCertificate();
string ticketresponse=ticketexample.TicketRequest("POST", "localhost", "User1", "UserDirectory1");


The returned information should look like the following:

{"buildVersion":"12.0.3248.0","buildDate":"3/13/2013 10:09:00 PM","databaseProvider":"Repository.SQLiteWrapper","nodeType":1,"schemaPath":"About"}

The above class can now be used to call other methods within the QRS API.

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – let us know how we can improve!