Auth settings

Download OpenAPI spec

The Auth Settings API allows you to configure and manage authentication settings for your tenant, including identity provider configurations and security policies.

Get authentication settings

Returns the authentication settings for the tenant, including the session inactivity timeout and maximum session lifespan. If no custom values have been saved, the response reflects tenant-wide defaults with isDefault set to true. The user must be assigned the TenantAdmin role.

Facts

Rate limit Tier 1 (1000 requests per minute)

Responses

200

Authentication settings retrieved successfully.

  • application/jsonobject

    The authentication settings for a tenant, controlling user session duration and inactivity behavior.

    Show application/json properties
    • idstring

      The unique identifier for the authentication settings.

      format = "uid"

    • tenantIdstring
      Required

      The tenant unique identifier associated with the authentication settings.

      format = "uid"

    • isDefaultboolean

      true if the authentication settings are using tenant-wide defaults. No custom values have been saved for this tenant.

    • maxUserSessionLifespanMinutesinteger
      Required

      Maximum total lifespan for a user session, in minutes. Sessions are invalidated after this duration regardless of activity.

      format = int64

    • userSessionInactivityTimeoutMinutesinteger
      Required

      Maximum inactivity period for a user session, in minutes. Sessions that have been idle for longer than this value are invalidated.

      format = int64

401

Not authorized.

  • application/jsonobject

    The error response object describing the error from the handling of an HTTP request.

    Show application/json properties
    • errorsarray of objects

      An array of errors related to the operation.

      Show errors properties
      • codestring
        Required

        The error code.

      • metaobject

        Additional properties relating to the error.

      • titlestring
        Required

        Summary of the problem.

      • detailstring

        A human-readable explanation specific to this occurrence of the problem.

      • sourceobject

        References to the source of the error.

        Show source properties
        • pointerstring

          A JSON Pointer to the property that caused the error.

        • parameterstring

          The URI query parameter that caused the error.
    • traceIdstring

      A unique identifier for tracing the error.

403

The authenticated user does not have the TenantAdmin role required to read authentication settings.

  • application/jsonobject

    The error response object describing the error from the handling of an HTTP request.

    Show application/json properties
    • errorsarray of objects

      An array of errors related to the operation.

      Show errors properties
      • codestring
        Required

        The error code.

      • metaobject

        Additional properties relating to the error.

      • titlestring
        Required

        Summary of the problem.

      • detailstring

        A human-readable explanation specific to this occurrence of the problem.

      • sourceobject

        References to the source of the error.

        Show source properties
        • pointerstring

          A JSON Pointer to the property that caused the error.

        • parameterstring

          The URI query parameter that caused the error.
    • traceIdstring

      A unique identifier for tracing the error.

404

Authentication settings not found.

  • application/jsonobject

    The error response object describing the error from the handling of an HTTP request.

    Show application/json properties
    • errorsarray of objects

      An array of errors related to the operation.

      Show errors properties
      • codestring
        Required

        The error code.

      • metaobject

        Additional properties relating to the error.

      • titlestring
        Required

        Summary of the problem.

      • detailstring

        A human-readable explanation specific to this occurrence of the problem.

      • sourceobject

        References to the source of the error.

        Show source properties
        • pointerstring

          A JSON Pointer to the property that caused the error.

        • parameterstring

          The URI query parameter that caused the error.
    • traceIdstring

      A unique identifier for tracing the error.

429

Request has been rate limited.

  • application/jsonobject

    The error response object describing the error from the handling of an HTTP request.

    Show application/json properties
    • errorsarray of objects

      An array of errors related to the operation.

      Show errors properties
      • codestring
        Required

        The error code.

      • metaobject

        Additional properties relating to the error.

      • titlestring
        Required

        Summary of the problem.

      • detailstring

        A human-readable explanation specific to this occurrence of the problem.

      • sourceobject

        References to the source of the error.

        Show source properties
        • pointerstring

          A JSON Pointer to the property that caused the error.

        • parameterstring

          The URI query parameter that caused the error.
    • traceIdstring

      A unique identifier for tracing the error.

500

Internal server error.

  • application/jsonobject

    The error response object describing the error from the handling of an HTTP request.

    Show application/json properties
    • errorsarray of objects

      An array of errors related to the operation.

      Show errors properties
      • codestring
        Required

        The error code.

      • metaobject

        Additional properties relating to the error.

      • titlestring
        Required

        Summary of the problem.

      • detailstring

        A human-readable explanation specific to this occurrence of the problem.

      • sourceobject

        References to the source of the error.

        Show source properties
        • pointerstring

          A JSON Pointer to the property that caused the error.

        • parameterstring

          The URI query parameter that caused the error.
    • traceIdstring

      A unique identifier for tracing the error.
GET /api/core/auth-settings 
// qlik-api has not implemented support for `GET /api/core/auth-settings` yet.
// In the meantime, you can use fetch like this:


const response = await fetch(
  '/api/core/auth-settings',
  {
    method: 'GET',
    headers: {
      'Content-Type': 'application/json',
    },
  },
)
qlik core auth-settings ls
curl "https://{tenant}.{region}.qlikcloud.com/api/core/auth-settings" \
-H "Authorization: Bearer <access_token>"

Example Response

{
  "id": "507f191e810c19729de860ea",
  "tenantId": "644fd58b846d649c82eba436",
  "isDefault": false,
  "maxUserSessionLifespanMinutes": 1440,
  "userSessionInactivityTimeoutMinutes": 60
}

Update authentication settings

Updates one or more authentication settings for the tenant using JSON Patch (RFC 6902). Supports replace operations on /userSessionInactivityTimeoutMinutes and /maxUserSessionLifespanMinutes. The value for maxUserSessionLifespanMinutes must be a whole number of hours (divisible by 60). The user must be assigned the TenantAdmin role.

Facts

Rate limit Tier 2 (100 requests per minute)

Request Body

Required

An array of JSON Patch operations to apply to the authentication settings.

  • application/jsonarray of objects

    An array of JSON Patch documents for authentication settings.

    Show application/json properties
    • opstring
      Required

      The operation to be performed.

      Can be one of: "replace"

    • pathstring
      Required

      A JSON Pointer to the authentication settings field.

      Can be one of: "/userSessionInactivityTimeoutMinutes""/maxUserSessionLifespanMinutes"

    • valueinteger
      Required

      Integer value in minutes to set for the targeted authentication settings field. For maxUserSessionLifespanMinutes, the value must be a whole number of hours (divisible by 60).

      format = int64

Responses

200

Authentication settings updated successfully.

  • application/jsonobject

    The authentication settings for a tenant, controlling user session duration and inactivity behavior.

    Show application/json properties
    • idstring

      The unique identifier for the authentication settings.

      format = "uid"

    • tenantIdstring
      Required

      The tenant unique identifier associated with the authentication settings.

      format = "uid"

    • isDefaultboolean

      true if the authentication settings are using tenant-wide defaults. No custom values have been saved for this tenant.

    • maxUserSessionLifespanMinutesinteger
      Required

      Maximum total lifespan for a user session, in minutes. Sessions are invalidated after this duration regardless of activity.

      format = int64

    • userSessionInactivityTimeoutMinutesinteger
      Required

      Maximum inactivity period for a user session, in minutes. Sessions that have been idle for longer than this value are invalidated.

      format = int64

400

Invalid request body.

  • application/jsonobject

    The error response object describing the error from the handling of an HTTP request.

    Show application/json properties
    • errorsarray of objects

      An array of errors related to the operation.

      Show errors properties
      • codestring
        Required

        The error code.

      • metaobject

        Additional properties relating to the error.

      • titlestring
        Required

        Summary of the problem.

      • detailstring

        A human-readable explanation specific to this occurrence of the problem.

      • sourceobject

        References to the source of the error.

        Show source properties
        • pointerstring

          A JSON Pointer to the property that caused the error.

        • parameterstring

          The URI query parameter that caused the error.
    • traceIdstring

      A unique identifier for tracing the error.

401

Not authorized.

  • application/jsonobject

    The error response object describing the error from the handling of an HTTP request.

    Show application/json properties
    • errorsarray of objects

      An array of errors related to the operation.

      Show errors properties
      • codestring
        Required

        The error code.

      • metaobject

        Additional properties relating to the error.

      • titlestring
        Required

        Summary of the problem.

      • detailstring

        A human-readable explanation specific to this occurrence of the problem.

      • sourceobject

        References to the source of the error.

        Show source properties
        • pointerstring

          A JSON Pointer to the property that caused the error.

        • parameterstring

          The URI query parameter that caused the error.
    • traceIdstring

      A unique identifier for tracing the error.

403

The authenticated user does not have the TenantAdmin role required to update authentication settings.

  • application/jsonobject

    The error response object describing the error from the handling of an HTTP request.

    Show application/json properties
    • errorsarray of objects

      An array of errors related to the operation.

      Show errors properties
      • codestring
        Required

        The error code.

      • metaobject

        Additional properties relating to the error.

      • titlestring
        Required

        Summary of the problem.

      • detailstring

        A human-readable explanation specific to this occurrence of the problem.

      • sourceobject

        References to the source of the error.

        Show source properties
        • pointerstring

          A JSON Pointer to the property that caused the error.

        • parameterstring

          The URI query parameter that caused the error.
    • traceIdstring

      A unique identifier for tracing the error.

404

Authentication settings not found.

  • application/jsonobject

    The error response object describing the error from the handling of an HTTP request.

    Show application/json properties
    • errorsarray of objects

      An array of errors related to the operation.

      Show errors properties
      • codestring
        Required

        The error code.

      • metaobject

        Additional properties relating to the error.

      • titlestring
        Required

        Summary of the problem.

      • detailstring

        A human-readable explanation specific to this occurrence of the problem.

      • sourceobject

        References to the source of the error.

        Show source properties
        • pointerstring

          A JSON Pointer to the property that caused the error.

        • parameterstring

          The URI query parameter that caused the error.
    • traceIdstring

      A unique identifier for tracing the error.

429

Request has been rate limited.

  • application/jsonobject

    The error response object describing the error from the handling of an HTTP request.

    Show application/json properties
    • errorsarray of objects

      An array of errors related to the operation.

      Show errors properties
      • codestring
        Required

        The error code.

      • metaobject

        Additional properties relating to the error.

      • titlestring
        Required

        Summary of the problem.

      • detailstring

        A human-readable explanation specific to this occurrence of the problem.

      • sourceobject

        References to the source of the error.

        Show source properties
        • pointerstring

          A JSON Pointer to the property that caused the error.

        • parameterstring

          The URI query parameter that caused the error.
    • traceIdstring

      A unique identifier for tracing the error.

500

Internal server error.

  • application/jsonobject

    The error response object describing the error from the handling of an HTTP request.

    Show application/json properties
    • errorsarray of objects

      An array of errors related to the operation.

      Show errors properties
      • codestring
        Required

        The error code.

      • metaobject

        Additional properties relating to the error.

      • titlestring
        Required

        Summary of the problem.

      • detailstring

        A human-readable explanation specific to this occurrence of the problem.

      • sourceobject

        References to the source of the error.

        Show source properties
        • pointerstring

          A JSON Pointer to the property that caused the error.

        • parameterstring

          The URI query parameter that caused the error.
    • traceIdstring

      A unique identifier for tracing the error.
PATCH /api/core/auth-settings 
// qlik-api has not implemented support for `PATCH /api/core/auth-settings` yet.
// In the meantime, you can use fetch like this:


const response = await fetch(
  '/api/core/auth-settings',
  {
    method: 'PATCH',
    headers: {
      'Content-Type': 'application/json',
    },
    body: JSON.stringify([
      {
        op: 'replace',
        path: '/userSessionInactivityTimeoutMinutes',
        value: 60,
      },
      {
        op: 'replace',
        path: '/maxUserSessionLifespanMinutes',
        value: 1440,
      },
    ]),
  },
)
qlik core auth-settings patch \
  --op 'replace' \
  --path '/userSessionInactivityTimeoutMinutes' \
  --value 60
curl "https://{tenant}.{region}.qlikcloud.com/api/core/auth-settings" \
-X PATCH \
-H "Content-type: application/json" \
-H "Authorization: Bearer <access_token>" \
-d '[{"op":"replace","path":"/userSessionInactivityTimeoutMinutes","value":60},{"op":"replace","path":"/maxUserSessionLifespanMinutes","value":1440}]'

Example Response

{
  "id": "507f191e810c19729de860ea",
  "tenantId": "644fd58b846d649c82eba436",
  "isDefault": false,
  "maxUserSessionLifespanMinutes": 1440,
  "userSessionInactivityTimeoutMinutes": 60
}