In large organizations, permissions across multiple applications and services are usually applied via the use of AD groups. Qlik Sense can speedily retrieve the list of relevant AD groups and have security rules be driven by them. This makes things easier, as it delegates permissions management to a team sitting outside of the Qlik Sense administrators.

A typical use case would be to define different permissions for developers and different ones for the contributors. You might want to allow a developer to create apps, data connections, and app objects, whereas the contributors, should only be able to modify app content. These types of permissions segregations, for example, can be driven off two AD groups, uGLBDeveloper, and uGLBContributor.