Enable SSO for Qlik Cloud

Overview

This guide explains how to configure Zaperon Single Sign-On (SSO) for Qlik Cloud application. After setup, users can log in to Qlik services without entering passwords.

Zaperon SSO uses the SAML 2.0 authentication protocol, an industry-standard method for secure identity verification between an Identity Provider (Zaperon) and a Service Provider (Qlik Cloud). Once configured, Zaperon becomes the authentication authority for Qlik Cloud logins.

Benefits:

Passwordless access to Qlik Cloud applications
Centralized identity verification — only authorized users can log in
Device posture verification — access is allowed only from approved and compliant devices
Improved security with reduced risk of credential theft
Simplified user management for administrators

Zaperon validates the user's identity and security posture before granting access to Qlik Cloud, ensuring that only trusted users on authorized devices can use the applications.

When Should You Enable Qlik Cloud SSO?

Integrating Qlik Cloud SSO with Zaperon delivers key security and operational benefits:

Eliminate Password Sprawl: Users access Qlik Cloud with a single verified identity, removing the need for separate credentials
Zero Trust Enforcement: Every access request is continuously verified based on identity, device health, and contextual signals
Centralized Access Control: Administrators manage and revoke Qlik Cloud access from a single Zaperon console
Improved Compliance: Maintain consistent authentication enforcement across analytics workloads for audit and governance readiness
Enhanced User Experience: Seamless one-click access to Qlik Cloud improves productivity without compromising security

Prerequisites

To enable Single Sign-on for Qlik App, SAML Authentication configuration to be done in Qlik Admin panel.

Before configuring SSO for Qlik Cloud in Zaperon, ensure the following are in place:

Active Zaperon administrator account with policy management permissions
Valid Qlik Cloud subscription with tenant admin access
SAML 2.0 enabled and supported in your Qlik Cloud tenant

Steps to Enable SSO for Qlik Cloud

A. Add a Custom Attributes in Zaperon Users

A.1. In the Zaperon Admin Dashboard, go to Users and click on Edit icon.

A.2. Create a new attribute “Qlik Email Verified” and assign value ‘true’ for all users. → Refer to Create a custom user attribute page for more detailed steps.

B. Add Application in Zaperon

B.1. In the Admin Dashboard, click Application > Add Application.

B.2. Click on Add Custom Application.

B.3. Enter details in Basic Info and click Next.

B.4. Enter details in SAML settings and click Next.

B.5 . In Attribute Mapping tab. Click on Add Custom Attributes button and create new attributes as shown in image below. For more details on event tracking Refer to this section. and click Next.

B.6. In Event Tracking tab, click Add Resource to enable tracking of different events of applications. For more details on event tracking Refer to this section. and click Submit.

B.7. A Single Sign-on Configuration popup will appear. Copy Sign-in URL, Sign-out URL and download certificate. These will be used to configure SAML in Qlick admin panel. Follow instructions in section C.2.

B.8. You will see Qlick app has been added in the applications table.

C. Create SAML Integration in Qlik Admin Panel

C.1. Login to your Qlik admin panel and click Adminstration in sidebar then click Identity Provider > Create New.

C.2. Upload the certificate that was downloaded in section B.7. Also, Copy and paste here Entity ID & Sign-out page URL from section B.7. Click Save.

C.3. Click on Click on ⋮ three dots menu icon for the created row and select option View Provider Configuration. and then download and open metadata.xml file and copy values of “entityID” and “AssertionConsumerService Location” and paste these values in section B.4.

Testing & Validation

After completing the configuration, validate the SSO setup by:

Logging in as a test user through Zaperon and verifying seamless redirection to Qlik Cloud
Confirming that unauthorized or unprovisioned users are blocked from access
Checking that user attributes (name, email, role) are correctly passed via SAML assertions
Reviewing Zaperon access logs to confirm authentication events are captured and visible

Manage Application

Once an application is added in Zaperon, you can manage it throughout its lifecycle without reconfiguring the integration.

Use the following options to update settings, control access, or remove the application when it is no longer required:

→ Refer to Edit an Application.

→ Refer to Enable application event tracking.

→ Refer to Delete an Application.

Summary

Configuring SSO for Qlik Cloud with Zaperon enables secure, passwordless access to your analytics environment through centralized Zero Trust identity enforcement. Once set up, administrators gain full visibility and control over Qlik Cloud access — ensuring only verified users on compliant devices can log in, while simplifying identity management across the organization.

Google Sites

Report abuse