Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Authenticate using nifi api to azure ad

Authenticate using nifi api to azure ad

New Contributor

Hi all,

I am trying to authenticate to NiFi using the api and curl. I understand the concept (I've traced it using Chrome) :

I curl the "https://myhost:8443/nifi-api/access/oidc/request" using the command :

curl -v 'https://mynifiserver.mydomain.com:8443/nifi-api/access/oidc/request' \
     -X GET \
     -H 'Connection: keep-alive' \
     -H 'Referer: https://mynifiserver.mydomain.com:8443/nifi-api/'; \
     -H 'Accept-Encoding: gzip, deflate, br' \
     -H 'Accept-Language: fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7' \
     --compress --insecure \
     -L -j -c cookies.jar.txt \
     > curl.request.txt

Since I've traced the request I can see that :

  • The nifi-api endpoint gets called which sets the cookie "oidc-request-identifier" correctly
  • https://login.microsoftonline.com/... gets called properly with a "redirect_uri" properly set to my servers "callback" endpoint.

Unfortunately, the resulting output of the command "curl.request.txt" contains an HTML page returned by the microsoft site but the callback never gets executed. I suspect that the HTML contains a Javascript that would eventually redirect to the callback but since it's not being done I can't execute the subsequent "exchange" or any other api call to extract my token to continue.

Where did I go wrong ?