https://community.cloudera.com/t5/Support-Questions/Default-authenticaion-in-Nifi/m-p/378652#M243617 <P><a href="https://community.cloudera.com/t5/user/viewprofilepage/user-id/102531">@zIfo</a>&nbsp;<BR />The default Single-User-Authorizer (Authorization) and Single-user-provider (authentication) are not intended for production use.&nbsp; These were added as of&nbsp; Apache NiFi 1.14 to facilitate a secure out-of-the-box NiFi startup for evaluation and testing.&nbsp;&nbsp;<BR /><BR />They provide very basic authentication and authorization. Single user with complete and full access to everything.&nbsp; So by using this default provider you have no ability to support multiple users with very granular levels of authorization.&nbsp; The Token on the NiFi server side should expire after 8 hours.&nbsp; The JWT token stored in the browser may be around longer.<BR /><BR />You did not share the version of Apache NiFi you have installed, but perhaps the following explains what you are experiencing :<BR /><A href="https://issues.apache.org/jira/browse/NIFI-9049" target="_blank">https://issues.apache.org/jira/browse/NIFI-9049</A><BR /><BR /></P><P>But to support NiFi Clusters and NiFi multi-tenant authentication and authorization, you should move to a production ready authentication provider (LDAP commonly used) and authorizer (Managed authorizer commonly used).<BR /><BR /></P><P>If you found any of the suggestions/solutions provided helped you with your issue, please take a moment to login and click "<SPAN><EM><STRONG><FONT color="#FF0000">Accept as Solution</FONT></STRONG></EM>" on one or more of them that helped.</SPAN></P><P><SPAN>Thank you,<BR />Matt</SPAN></P> Mon, 06 Nov 2023 14:09:39 GMT MattWho 2023-11-06T14:09:39Z https://community.cloudera.com/t5/Support-Questions/Default-authenticaion-in-Nifi/m-p/378604#M243606 <P>Hi,</P><P>&nbsp; &nbsp; We are trying to authenticate Nifi with single-user-authorizer using the auto-generated username and password itself. We thought of changing the token expiration time. But, we couldn't find any configuration for token expiration for this default authentication. There is an api which gives the expiation time of the token but the token is still active even after the expiration time we got from the api.&nbsp;<BR /><BR />Is there any configuration to change the duration of active token?&nbsp; Or Is there a way to get the actual token expiration time?<BR /><BR />Where can I find the document for&nbsp;working of token expiration for nifi default authentication?</P> Mon, 06 Nov 2023 05:54:27 GMT https://community.cloudera.com/t5/Support-Questions/Default-authenticaion-in-Nifi/m-p/378604#M243606 zIfo 2023-11-06T05:54:27Z https://community.cloudera.com/t5/Support-Questions/Default-authenticaion-in-Nifi/m-p/378652#M243617 <P><a href="https://community.cloudera.com/t5/user/viewprofilepage/user-id/102531">@zIfo</a>&nbsp;<BR />The default Single-User-Authorizer (Authorization) and Single-user-provider (authentication) are not intended for production use.&nbsp; These were added as of&nbsp; Apache NiFi 1.14 to facilitate a secure out-of-the-box NiFi startup for evaluation and testing.&nbsp;&nbsp;<BR /><BR />They provide very basic authentication and authorization. Single user with complete and full access to everything.&nbsp; So by using this default provider you have no ability to support multiple users with very granular levels of authorization.&nbsp; The Token on the NiFi server side should expire after 8 hours.&nbsp; The JWT token stored in the browser may be around longer.<BR /><BR />You did not share the version of Apache NiFi you have installed, but perhaps the following explains what you are experiencing :<BR /><A href="https://issues.apache.org/jira/browse/NIFI-9049" target="_blank">https://issues.apache.org/jira/browse/NIFI-9049</A><BR /><BR /></P><P>But to support NiFi Clusters and NiFi multi-tenant authentication and authorization, you should move to a production ready authentication provider (LDAP commonly used) and authorizer (Managed authorizer commonly used).<BR /><BR /></P><P>If you found any of the suggestions/solutions provided helped you with your issue, please take a moment to login and click "<SPAN><EM><STRONG><FONT color="#FF0000">Accept as Solution</FONT></STRONG></EM>" on one or more of them that helped.</SPAN></P><P><SPAN>Thank you,<BR />Matt</SPAN></P> Mon, 06 Nov 2023 14:09:39 GMT https://community.cloudera.com/t5/Support-Questions/Default-authenticaion-in-Nifi/m-p/378652#M243617 MattWho 2023-11-06T14:09:39Z https://community.cloudera.com/t5/Support-Questions/Default-authenticaion-in-Nifi/m-p/378654#M243619 <P><a href="https://community.cloudera.com/t5/user/viewprofilepage/user-id/35454">@MattWho</a>&nbsp;Thanks for the response. We are using Nifi 1.21.0 version and we are using it internally in our application. Hence, we are currently planning to have&nbsp;<SPAN>Single-User-Authorizer as of now. In future, we will go for&nbsp;authentication provider.&nbsp;<BR /><BR />Is there any way to change that 8hours expiration time? And what is the time of expiration I get from the api - /access/token/expiration?. The token is not getting expired with the time we get from that api.</SPAN></P> Mon, 06 Nov 2023 14:28:08 GMT https://community.cloudera.com/t5/Support-Questions/Default-authenticaion-in-Nifi/m-p/378654#M243619 zIfo 2023-11-06T14:28:08Z