Monday, 19 May 2025

STEP by STEP : Qlik Sense Security Rules – Basics

 

Qlik Sense Security Rules – Basics

🧠 What Are Security Rules?

Security rules in Qlik Sense define who can do what with which resource, based on:

  • User attributes (e.g., user name, group)

  • Resource types (app, stream, object)

  • Actions (read, update, publish)

They are written using conditions and expression logic.

🏗️ Anatomy of a Security Rule

A rule has the following components:

ComponentDescription
Resource filterDefines the type of resource (e.g., App_*, Stream_*, Sheet_*)
ActionsWhat users can do: read, update, publish, exportdata, etc.
ConditionsLogic to determine access (user.name, user.group, etc.)
ContextDetermines if it applies in Hub, QMC, or both

Examples of Basic Security Rules

🔹 1. Allow a user access to a specific stream

Goal: Grant user john.doe access to a stream called "Sales".

Rule:

  • Resource filter: Stream_*

  • Conditions: resource.name = "Sales" and user.name = "john.doe"

  • Actions: read

🔹 2. Allow a group access to all apps in a stream

Goal: Members of the Finance group can access all apps in the "Finance" stream.

Rule:

  • Resource filter: App_*

  • Conditions: resource.stream.name = "Finance" and user.group = "Finance"

  • Actions: read

🔹 3. Allow only the app owner to edit the app

Rule:

  • Resource filter: App_*

  • Conditions: resource.owner.userId = user.userId

  • Actions: update

🔹 4. Allow users to publish to a stream

Goal: Let developers publish apps to the “Development” stream.

Rule:

  • Resource filter: Stream_*

  • Conditions: resource.name = "Development" and user.group = "Developers"

  • Actions: publish

🔹 5. Prevent access to all unpublished apps

Rule:

  • Resource filter: App_*

  • Conditions: !resource.published

  • Actions: read

  • Check box: Deny access

💡 Use this as a deny rule, placed above general read access rules.

🛠️ How to Create a Rule in QMC

  1. Go to Qlik Management Console (QMC)

  2. Click Security Rules

  3. Click Create New

  4. Fill in:

    • Name

    • Resource filter (e.g., App_*, Sheet_*)

    • Actions (e.g., read, update)

    • Conditions using user. and resource. attributes

  5. Set Context (Hub, QMC, or both)

  6. Click Apply

at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

STEP by STEP : Qlik Sense Server Migration by Cloning with Hostname Change

STEP by STEP : Qlik Sense Server Migration by Cloning  with Hostname Change Step 1: Prepare and Backup the Source Server 1.1 Stop All Qlik ...