Early Access: The content on this website is provided for informational purposes only in connection with pre-General Availability Qlik Products.
All content is subject to change and is provided without warranty.
Skip to main content Skip to complementary content

Identity providers in Qlik Cloud

An identity provider (IdP) is a service that manages user authentication and login information. In Qlik Cloud, you can use the default Qlik Account or integrate a custom IdP that supports OpenID Connect or SAML standards. This integration ensures secure authentication and consistent user identity across cloud deployments.

Default identity provider: Qlik Account

The default IdP for Qlik Cloud is Qlik Account (not available with Qlik Cloud Government).

The key features include:

  • Service account owner: The email address associated with the service account (the one that received the welcome email during tenant creation), is automatically added as a member of the tenant. For tenants created through My Qlik, the service account owner can log in immediately after the tenant is created.

  • Authentication domains: Qlik Account provides authentication for qlik.com and qlikcloud.com.

Using corporate identity providers

Information note

This functionality is not available in Qlik Sense Business.

You can integrate your own IdP with Qlik Cloud for authentication. Each Qlik Cloud tenant supports only one interactive IdP. Supported providers include:

  • Microsoft Entra ID (formerly Azure AD)

  • Okta

  • Auth0

  • Salesforce

  • Google Identity (generic integration)

  • OneLogin (generic integration)

When you switch to a corporate IdP, the Qlik Account login flow is replaced by the authentication process of your chosen provider.

Benefits of using an IdP

Integrating an IdP into your Qlik Cloud deployment offers several benefits:

  • Secure Authentication: Ensures that users' identities are verified securely.

  • Unified user identity: Maintains consistent user IDs and group data across all deployments,

  • Simplified licensing: Ensures one identity per user, preventing licensing conflicts and ensures that users are assigned the correct license.

  • Access control: Enables consistent application of access controls based on user attributes, such as ID and group memberships.

  • Single sign-on (SSO): Allows users to access multiple services with a single login, eliminating the need for separate credentials for each service.

  • Cloud-based IdPs: Simplify authentication across online services. For organizations using Active Directory (AD), IdPs can integrate AD-stored accounts into cloud environments.

Supported IdP standards

Qlik Cloud supports integration with IdPs using OpenID Connect (OIDC) and SAML standards. These integrations support:

  • Interactive login: Users log in via a web browser.

  • Automated login: API-based authentication for software products.

Adding users to the tenant

Your subscription determines how users are added to your tenant:

  • Identity provider integration: If your license includes IdP integration, the Identity provider pane will be available in the Administration activity center.

  • Email invites: If IdP integration is not enabled, you can invite users manually through the Users section in the Administration activity center.

Information note

Your subscription allows only one method for adding users—either through an IdP or via email invites. If you switch from email invites to an IdP-based user management, the invite option will remain active until the IdP is fully set up and activated.

Examples of IdP deployments

IdP in a cloud deployment

In a Qlik Cloud deployment, the IdP ensures seamless user authentication and centralized management of user identities, attributes, and licenses.

IdP integration in a cloud deployment

Qlik Sense Enterprise SaaS and Qlik Sense Enterprise on Kubernetes are integrated with an Identity Provider via OIDC. User IDs, email, groups, and jobs are integrated through Qlik Sense Enterprise on Windows via SAML. An Identity Provider authenticates users against their identity (user ID, Password, groups).

IdP in a multi-cloud deployment

In a multi-cloud setup, Qlik Sense Enterprise on Windows integrates with an IdP using the SAML standard or any other method that provides the IdP with a consistent user identity.

IdPs in this scenario must support both OIDC and SAML standards.

IdP integration in a multi-cloud deployment

Qlik Sense Enterprise SaaS and Qlik Sense Enterprise on Kubernetes are integrated with an Identity Provider via OIDC. User IDs, email, groups, and jobs are integrated through Qlik Sense Enterprise on Windows via SAML. An Identity Provider authenticates users against their identity (user ID, Password, groups).

For additional information on how to set up a multi-cloud deployment, see Distributing apps to Qlik Cloud.

Learn more

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – let us know how we can improve!