Support Questions
Find answers, ask questions, and share your expertise

Authenticate using nifi api to azure ad

Authenticate using nifi api to azure ad

Explorer

Hi all,

I am trying to authenticate to NiFi using the api and curl. I understand the concept (I've traced it using Chrome) :

I curl the "https://myhost:8443/nifi-api/access/oidc/request" using the command :

curl -v 'https://mynifiserver.mydomain.com:8443/nifi-api/access/oidc/request' \
     -X GET \
     -H 'Connection: keep-alive' \
     -H 'Referer: https://mynifiserver.mydomain.com:8443/nifi-api/'; \
     -H 'Accept-Encoding: gzip, deflate, br' \
     -H 'Accept-Language: fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7' \
     --compress --insecure \
     -L -j -c cookies.jar.txt \
     > curl.request.txt

Since I've traced the request I can see that :

  • The nifi-api endpoint gets called which sets the cookie "oidc-request-identifier" correctly
  • https://login.microsoftonline.com/... gets called properly with a "redirect_uri" properly set to my servers "callback" endpoint.

Unfortunately, the resulting output of the command "curl.request.txt" contains an HTML page returned by the microsoft site but the callback never gets executed. I suspect that the HTML contains a Javascript that would eventually redirect to the callback but since it's not being done I can't execute the subsequent "exchange" or any other api call to extract my token to continue.

Where did I go wrong ?