How can an admin grant permission to an external company to view all sections in the QMC without edit rights?

Creating a new user role and assigning it to those users is the correct approach for granting an external company the ability to view all sections in the QMC (Qlik Management Console) without providing editing rights.

This method allows for tailored access control, where the administrator can define specific permissions associated with the newly created role. By setting the role to include view permissions for all necessary sections, while explicitly excluding edit permissions, the admin ensures that the external users can fulfill their need to view the QMC without compromising the integrity of the system by allowing unauthorized changes.

User roles in Qlik Sense are an essential feature for managing user permissions effectively. They can be customized to meet specific security and operational requirements, enabling a more granular access control mechanism that aligns with best practices in system administration.

In contrast, assigning external users as system admins would give them full control over the QMC, which is not suitable when the goal is merely to allow viewing rights. Providing a temporary access key may not effectively manage ongoing access needs or can lead to security gaps when it is renewed or invalidated. Lastly, using a user directory connector typically deals with managing users within an organization's Active Directory or a similar service, which may not directly allow specific permissions for an external company.