Skip to main content Skip to complementary content
Qlik Resources
Announcements

Data sources for apps in managed spaces

Data sources for apps in managed spaces must be stored in shared spaces. You need to decide where the final data sources for your app will be located. This ensures that your apps are secure and can be reloaded in the managed space. If you want to load app data in managed spaces, the apps published to managed spaces should use space-aware data sources.

Information noteManaged spaces are not available with Qlik Sense Business.

A shared space can be used for storing data sources for apps in managed spaces. This is appropriate when strict data governance is not required. It is important to apply space permissions carefully to ensure that the data sources and app are only accessible to the correct users.

You can use space-aware data sources to reference data sources in other spaces. Space-aware data files look for data files and fields by name in the load script. This enables users to develop apps using mock data sources in other spaces. When the app is ready to be published, the mock data sources can be replaced with actual data sources.

An app in a managed space that uses space-aware data sources can reload data from the data sources in shared spaces. If you do not use space-aware data files, apps must be reloaded and republished to managed spaces to update the app data in the managed spaces.

For more information using space-aware aware connections, see:

Best practice workflow for governed apps and data

The following is an example best practice workflow for governed apps and data sources in managed spaces.

Data files are kept in a shared space where app developers have Is admin and Can edit permissions. Developers can reference this data when developing apps in other shared spaces. When the apps are ready, the developers are removed from the data shared space and the production data is added. This populates the apps with sensitive data while preventing the app developers from seeing it.

This workflow involves three primary users:

  • Tenant administrator: The tenant administrator creates the managed space and then assigns users and roles to the managed space.
  • Governed Manager: The user in charge of managing access to sensitive data and administering the managed spaces
  • Developer: The user in change of developing apps for the managed space and publishing them to the space.

This workflow occurs in four steps:

  1. Create the spaces.
  2. Add mock data and develop the app.
  3. Publish apps with final data.
  4. Adding app consumers to the managed space.

Creating managed space and shared spaces

First, the spaces are created and then users are added to them.

Do the following:

  1. The tenant administrator creates a managed space, Secure Apps, as the destination for published governed apps.

  2. The tenant administrator adds two members to Secure Apps:

    • The lead app developer, Developer, is added with Can publish permission.
    • The owners of the governed apps, Governed Manager, is made the space owner.
  3. Governed Manager creates a shared space, Secure Data, for the secure data used by apps published to Secure Apps.
  4. Governed Manager adds Developer to the space with Is admin permission.
  5. Developer creates the Develop Apps shared space for the development of the governed apps. Optionally, additional developers are added with Can edit permission.

Developing apps with mock data

Next, mock data is added and the app is developed.

Do the following:

  1. Developer adds mock testing data to the Develop Data space. This data can be used once or in continuous deployment scenarios.

    Data can be made available to a space by adding an app and then adding the data source to the app. Once a data source has been added to an app in the space, it is available to all users with Can edit permission in the space.

  2. Developer adds the same mock testing data to the Secure Data space. This data is used as placeholder data until the app is ready for the secure data.
  3. Developer develops apps in the Develop Apps space. These apps use the mock testing data in the Develop Data space.
  4. Optionally, if the app needs continued development after publishing, the Developer duplicates the app prior to publishing.

Publishing apps and adding final data

The app is published and the mock data is replaced by the final data.

Do the following:

  1. When the app is ready for release, Developer changes the app to use the data in Secure Data.
  2. Developer publishes the app from Develop Apps to Secure Apps. Developer notifies Governed Manager that the app is ready.
  3. Governed Manager removes Developer (and any other user) from the Secure Data space.
  4. Governed Manager adds production data to the Secure Data space, replacing the mock data.

Adding app consumers to the managed space

Finally, the app consumers are added to the managed space.

Do the following:

  1. Governed Manager adds Can view members to the Secure Data shared space. These are users who will open or contribute sheets to the published app.
  2. Governed Manager adds Can view members to the Secure Appsmanaged space. These are users who should be able to open the published app.
  3. Governed Manager adds Can contribute members to the Secure Apps managed space. These are the users who should be able to open the app and contribute community sheets to the app.
  4. Governed Manager optionally schedules reloads for the published app in the Secure Apps space.

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – let us know how we can improve!

Leave your feedback here