https://community.cloudera.com/t5/Support-Questions/Connect-Airflow-to-Nifi-and-access-the-Nifi-Api-through-an/m-p/364952#M239277 <P><a href="https://community.cloudera.com/t5/user/viewprofilepage/user-id/95755">@bmoisson</a>&nbsp;<a href="https://community.cloudera.com/t5/user/viewprofilepage/user-id/101947">@Sumit6620</a>&nbsp;<BR />When you authenticate via NiFi, there is both a client JWT token generated and a server side key&nbsp; generated on the node on which the authentication was performed.&nbsp; That Client JWT token can then be used to perform calls to rest-api endpoints on that node only for which that client is authorized.&nbsp;&nbsp;<BR /><BR />When you are obtaining your JWT token from an external authentication endpoint, NiFi won't have the server side token need to validate that token and thus rejects that token.<BR /><BR />You can find the various methods of authentication that can be configured in Apache NiFi here:<BR /><A href="https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#user_authentication" target="_blank">https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#user_authentication</A></P><P>&nbsp;</P><P><FONT face="batang,apple gothic">If you found that the provided solution(s) assisted you with your query, please take a moment to login and click</FONT>&nbsp;<FONT face="arial black,avant garde" color="#FF0000">Accept as Solution&nbsp;</FONT><FONT face="batang,apple gothic" color="#000000">below each response that helped.<BR /><BR />Thank you,</FONT></P><P><FONT face="batang,apple gothic" color="#000000">Matt</FONT></P> Wed, 01 Mar 2023 17:44:44 GMT MattWho 2023-03-01T17:44:44Z https://community.cloudera.com/t5/Support-Questions/Connect-Airflow-to-Nifi-and-access-the-Nifi-Api-through-an/m-p/336128#M232147 <P>Hello,<BR /><BR />I would like to connect my&nbsp;Airflow application with my&nbsp;Apache Nifi application though the Apache Nifi API. The aim is to let the Airflow orchestrate my entire flow.<BR /><BR />My Apache Nifi authentication is made via the OpenId protocol on a Keycloak application so I first get a token via a call to the&nbsp;<SPAN>auth/realms/myrealms/protocol/openid-connect/token and then with&nbsp;the generated JWT, I call the nifi-api to catch some processors, passing the JWT as a bearer token, I have got the following error :&nbsp;<BR /><BR /></SPAN><SPAN><EM>Bearer error="invalid_token", error_description="An error occurred while attempting to decode the Jwt: Signed JWT rejected: Another algorithm expected, or no matching key(s) found", error_uri="<A href="https://tools.ietf.org/html/rfc6750#section-3.1" target="_blank">https://tools.ietf.org/html/rfc6750#section-3.1</A>"&nbsp;</EM><BR /><BR /></SPAN></P><P>I tried the same curl call to the processor, using the token I get when I connect with the UserInterface, and I get a success.&nbsp;<BR /><BR /></P><P>I supposed it may be due to the internal user policy of Nifi who rejecte me so I added username and email of the first token to the Nifi policy, but it change nothing.&nbsp;<BR /><BR />Does someone may help me please?&nbsp;<BR /><BR />Thanks&nbsp;</P> Fri, 11 Feb 2022 16:42:32 GMT https://community.cloudera.com/t5/Support-Questions/Connect-Airflow-to-Nifi-and-access-the-Nifi-Api-through-an/m-p/336128#M232147 bmoisson 2022-02-11T16:42:32Z https://community.cloudera.com/t5/Support-Questions/Connect-Airflow-to-Nifi-and-access-the-Nifi-Api-through-an/m-p/364859#M239257 <P>I am also facing the same issue. Pls, help me.</P> Wed, 01 Mar 2023 04:51:36 GMT https://community.cloudera.com/t5/Support-Questions/Connect-Airflow-to-Nifi-and-access-the-Nifi-Api-through-an/m-p/364859#M239257 Sumit6620 2023-03-01T04:51:36Z https://community.cloudera.com/t5/Support-Questions/Connect-Airflow-to-Nifi-and-access-the-Nifi-Api-through-an/m-p/364952#M239277 <P><a href="https://community.cloudera.com/t5/user/viewprofilepage/user-id/95755">@bmoisson</a>&nbsp;<a href="https://community.cloudera.com/t5/user/viewprofilepage/user-id/101947">@Sumit6620</a>&nbsp;<BR />When you authenticate via NiFi, there is both a client JWT token generated and a server side key&nbsp; generated on the node on which the authentication was performed.&nbsp; That Client JWT token can then be used to perform calls to rest-api endpoints on that node only for which that client is authorized.&nbsp;&nbsp;<BR /><BR />When you are obtaining your JWT token from an external authentication endpoint, NiFi won't have the server side token need to validate that token and thus rejects that token.<BR /><BR />You can find the various methods of authentication that can be configured in Apache NiFi here:<BR /><A href="https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#user_authentication" target="_blank">https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#user_authentication</A></P><P>&nbsp;</P><P><FONT face="batang,apple gothic">If you found that the provided solution(s) assisted you with your query, please take a moment to login and click</FONT>&nbsp;<FONT face="arial black,avant garde" color="#FF0000">Accept as Solution&nbsp;</FONT><FONT face="batang,apple gothic" color="#000000">below each response that helped.<BR /><BR />Thank you,</FONT></P><P><FONT face="batang,apple gothic" color="#000000">Matt</FONT></P> Wed, 01 Mar 2023 17:44:44 GMT https://community.cloudera.com/t5/Support-Questions/Connect-Airflow-to-Nifi-and-access-the-Nifi-Api-through-an/m-p/364952#M239277 MattWho 2023-03-01T17:44:44Z https://community.cloudera.com/t5/Support-Questions/Connect-Airflow-to-Nifi-and-access-the-Nifi-Api-through-an/m-p/369927#M240587 <P>i aslo face that problem can you provid code exmaple of the solution?</P> Wed, 03 May 2023 08:24:23 GMT https://community.cloudera.com/t5/Support-Questions/Connect-Airflow-to-Nifi-and-access-the-Nifi-Api-through-an/m-p/369927#M240587 perziba 2023-05-03T08:24:23Z