Skip to main content Skip to complementary content
Qlik Resources

Managing a Qlik Sense site

The Qlik Management Console (QMC) is a web-based application for configuring and administrating your Qlik Sense site. The QMC always connects to the central Qlik Sense node where all system data is stored and with which all local nodes synchronize. So even if you have a multi-node, geographically distributed Qlik Sense installation, the QMC enables you to handle the following activities from one location:

  • Managing licenses
  • Managing tokens and access types
  • Configuring nodes
  • Managing data connections
  • Managing content security (by security rules)
  • Managing tasks and triggers
  • Synchronizing content
  • Synchronizing users
Information noteIn a multi-node installation you manage the whole Qlik Sense site from the QMC on the central node.

The QMC provides you with a set of very powerful tools to create different access patterns for different QMC administrators and for the different user groups that access the hub:

  • Security rules
  • Admin roles
  • Custom properties

Important concepts in the QMC

Apps

The user can create an app from the Qlik Sensehub (if the user has the appropriate access rights). Apps are published to streams from the QMC (used in server deployments of Qlik Sense). If you want to publish an app that is created in a Qlik Sense Desktop installation it must first be imported, using the QMC. The security rules applied to the app, stream or user determine who can access the content and what the user is allowed to do. The app is locked when published. Content can be added to a published app via the Qlik Sensehub in a server deployment, but content that was published with the original app cannot be edited. Apps can only be deleted from the apps overview page of the QMC.

Information noteAn app (qvf file) replaces the document (the .qvw container file) used in previous versions of Qlik Sense.

Associated items

The resources in the QMC have an associative structure. This makes it easy for you to navigate between the different resources in the QMC. Because of the associative structure of the QMC, you can select a resource in more than one way. For example, you can select an app either from the apps overview or from the Associated items tab for the stream that the app belongs to. Similarly, you can select a task either from the tasks overview or from the Associated items tab for the app that the task belongs to.

Audit

The QMC audit page enables you to query for, and audit, the security or sync rules that have been defined in the Qlik Sense system.

Custom properties and QMC tags

The QMC enables you to create customized properties that you can connect to resources. The main purpose is to use the custom properties in the security rules. You can also create and connect QMC tags that you can filter with on a resource's overview page. Tags cannot be used in the security rules.

Examples of applications for custom properties:

  • Grouping nodes by geography

    Create a custom property called Countries and set the values to names of countries. Apply the custom property to your nodes and you can then create and deploy synchronization rules to countries instead of individual nodes.

  • Grouping streams by department

    Create a custom property called Departments with values appropriate to your organization. Apply the custom property to your streams and you can then apply security rules to streams according to their Departments property instead of managing security rules for individual streams.

Tip noteGroup memberships are uploaded to the central repository when you create and synchronize a user directory connector. This means that you can apply security rules to group memberships instead of defining and applying custom properties to users.

Data connections

You can manage security rules for all data connections from the QMC. Users can create data connections from Qlik Sense but sharing data connections (security rules) is managed from the QMC.

Multiple selections

You can select several resources from the overview. By doing this, you can edit or delete multiple resources at the same time. This makes your QMC administration work more efficient.

Publish to stream

The user can create an app from the Qlik Sensehub (if the user has the appropriate access rights). Apps are published to streams from the QMC (used in server deployments of Qlik Sense). If you want to publish an app that is created in a Qlik Sense Desktop installation it must first be imported, using the QMC. The security rules applied to the app, stream or user determine who can access the content and what the user is allowed to do. The app is locked when published. Content can be added to a published app via the Qlik Sensehub in a server deployment, but content that was published with the original app cannot be edited.

By default, Qlik Sense includes a stream called Everyone.

Information noteAll authenticated users have read and publish rights to the Everyone stream and all anonymous users read-only rights.

Security rules

Content security is a critical aspect of setting up and managing your Qlik Sense system. The QMC enables you to centrally create and manage security rules for all your Qlik Sense resources. Security rules define what a user is allowed to do with a resource, for example read, update, create or delete.

By design, security rules are written to include, not exclude, users. Users who are not included in security rules will be denied access. So security rules must be created to enable users to interact with Qlik Sense content, data connections, and other resources.

Information noteThe QMC includes pre-defined administrator roles, including the RootAdmin user who has full access rights to the Qlik Sense system, which allows the RootAdmin user to setup security rules.

Tokens and access types

The License Enabling File (LEF) determines the number of tokens that you can allocate to different access types. An access type allows the users to access streams and apps within a Qlik Sense site. You can adjust the token usage according to the usage need over time. Each access type provides the Qlik Sense user with a certain type of access to Qlik Sense apps. A user with no access type cannot see any streams.

Users

All user data is stored in the Qlik Sense Repository Service (QRS) database. You create user directory connectors in the QMC to be able to synchronize and retrieve the user data from a configured directory service. When a user logs in to Qlik Sense or the QMC the user data is automatically retrieved. You can change the authentication method that handles the authentication of the Qlik Sense users.

Resource owners

The creator of a resource (for example an app or a stream) is by default the owner of the resource. You can change the ownership for resources in the QMC.

Resources interaction

The illustration below gives an overview of how the resources interact.

Resources overview and interaction

The apps, sheets and stories are created from the hub and published to a stream from the QMC.

Tasks are available for apps and user directory connectors. The reload tasks reload apps to fully reload the data in an app from the source. The user sync task is applied to a user directory connector to synchronize the users from a user directory. Triggers can execute tasks.

A stream security rule is applied to the stream and affects the access rights for the users.

The site license provides for a number of tokens that are allocated to access types. Users are given access to streams and apps on the hub by login access or user access. A security rule is applied to the login access to specify which users the login access is available for.

Information noteThe hub is not a part of the QMC. The hub is where Qlik Sense apps and sheets are opened and managed.

Learn more

 

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – let us know how we can improve!

Leave your feedback here