Cloudera Community

Community Articles

Find and share helpful community-sourced technical articles.
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search

Accessing REST API of Kerberized NiFI Cluster using Bearer Token through CURL command or POSTMAN Appl

avatar
author-rank sbabu author-rank
Contributor

Created on ‎06-24-2017 12:45 AM - edited on ‎09-03-2023 07:45 PM by Expert Contributor Expert Contributor

Objective:

Accessing REST API of Kerberized NiFI Cluster using Bearer Token

Prerequisites:

  1. CURL or Postman Installed on Your Laptop
  2. kinit - Successful for sales1 user
  3. Firefox browser with proper config (network.negotiate)
    1. Inside Firefox -> Open New Tab & Type -> about:config

      Filter by network

      network.negotiate-auth.trusted-uris -> .us-west-2.compute.internal

      network.negotiate-auth.delegation-uris ->.us-west2.compute.internal

  4. SPNEGO NiFi - Successful when you hit NiFi Home Page URL (sales1).

Next steps/Plan:

  1. On Nifi Home Page, Enable Developer Tools & Monitor Network Logs to get the Bearer Token (under current-user and Authorization part of Request Headers)
  2. Lets use the Bearer Token we got to populate the below commands.

CURL option:

curl ‘https://nifihost:9091/nifi-api/flow/status' -H ‘Authorization: Bearer <Token>’

For example,

curl 'https://ip-172-30-0-72.us-west-2.compute.internal:9091/nifi-api/flow/status' -H 'Authorization: Bearer eyJhb..’ --compressed --insecure

 

Postman option:

GET

https://ip-172-30-0-72.us-west-2.compute.internal:9091/nifi-api/flow/status

Authorization

No Auth

Headers

Key

Authorization

Value

Bearer eyJhb…

 

Note:

1. Another way to get the token, Do curl 'https://nifi-host:port/nifi-api/access/token' -H 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8' --data 'username=ldap-username&password=ldap-password' --compressed --insecure

to get the token

2.The "Bearer" presented in the rest-api call will be checked against the access policies assigned to that user.

Just remember that everything you do via NiFi's UI, are nothing more then calls to nifi-api.

3,287 Views
Comments

Re: Accessing REST API of Kerberized NiFI Cluster using Bearer Token through CURL command or POSTMAN Appl

avatar
author-rank josh_nicholson
Expert Contributor

Created on ‎07-23-2018 06:41 PM

@sbabu Getting the token this way does not work for me as there is a '%' in the password I am using, which causes curl to throw an error. How can I get around this? The script I am developing is going to be used by different people so I cannot know ahead of time to escape any special characters.

Announcements
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics - Kubernetes Operato...
What's New @ Cloudera
[RELEASED] Cloudera Streams Messaging - Kubernetes Operator ...
Community Announcements
February 2025 Community Highlights
What's New @ Cloudera
3 Benefits of External IDE Connectivity, Now Available in Cl...
What's New @ Cloudera
Performance comparison of Spark3 on YARN with S3 Standard VS...
View More Announcements
Version history
Last update:
‎09-03-2023 07:45 PM
Updated by:
Expert Contributor Expert Contributor
Contributors