Community Articles
Find and share helpful community-sourced technical articles
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.
Cloudera Employee


Accessing REST API of Kerberized NiFI Cluster using Bearer Token


  1. CURL or Postman Installed on Your Laptop
  2. kinit - Successful for sales1 user
  3. Firefox browser with proper config (network.negotiate)
    1. Inside Firefox -> Open New Tab & Type -> about:config

      Filter by network

      network.negotiate-auth.trusted-uris -> .us-west-2.compute.internal

      network.negotiate-auth.delegation-uris ->.us-west2.compute.internal

  4. SPNEGO NiFi - Successful when you hit NiFi Home Page URL (sales1).

Next steps/Plan:

  1. On Nifi Home Page, Enable Developer Tools & Monitor Network Logs to get the Bearer Token (under current-user and Authorization part of Request Headers)
  2. Lets use the Bearer Token we got to populate the below commands.

CURL option:

curl ‘https://nifihost:9091/nifi-api/flow/status' -H ‘Authorization: Bearer <Token>’

For example,

curl '' -H 'Authorization: Bearer eyJhb..’ --compressed --insecure

Postman option:



No Auth





Bearer eyJhb…


1. Another way to get the token, Do curl 'https://nifi-host:port/nifi-api/access/token' -H 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8' --data 'username=ldap-username&password=ldap-password' --compressed —insecure to get the token

2.The "Bearer" presented in the rest-api call will be checked against the access policies assigned to that user.

Just remember that everything you do via NiFi's UI, are nothing more then calls to nifi-api.


@sbabu Getting the token this way does not work for me as there is a '%' in the password I am using, which causes curl to throw an error. How can I get around this? The script I am developing is going to be used by different people so I cannot know ahead of time to escape any special characters.

Don't have an account?
Coming from Hortonworks? Activate your account here
Version history
Revision #:
1 of 1
Last update:
‎06-24-2017 12:45 AM
Updated by:
Top Kudoed Authors