@nifier
Are you trying to build a dataflow on your NiFi canvas to programmatically to these rest-api calls or just looking to get a user token to used to make rest-api calls via some external process?
The easiest way to learn the rest-api calls it by using the developer tools in your browser. Open developer tools and then perform the action of logging in via the browser to capture the rest-api call made to get your user token. Developer tools will even give you the option to right click on the request and select copy as curl. That being said the browser is going to add a bunch of additional headers that are not needed.
I generally discourage using ldap when building dataflows to automate rest-api call in NiFi. Mainly because your username and password would exposed unencrypted in the dataflow where anyone with access could get it. In this scenario, creating a private key clientAuth certificate would be the better way to go. You can add your certificate to a StandardRestrictedSSLContextService where your password is encrypted, you don't need to worry about fetching user tokens, or user token expiration. A secured NiFi will always support MutualTLS even when ldap is also configured. NiFi will WANT a clientAuth certificate first and only redirect to ldap when one is not provided.
Above being said, obtaining a user token using ldap-provider authentication can be done using below:
curl 'https://<nifi hostname>:<nifi port>/nifi-api/access/token' -H 'content-type: application/x-www-form-urlencoded;charset=UTF-8' --data-raw 'username=<username>&password=<user password>' --insecure
The bearer token received in response would need to be used in subsequent rest-api calls. Once the token expires you would need to get a new one.
Please help our community grow. If you found any of the suggestions/solutions provided helped you with solving your issue or answering your question, please take a moment to login and click "Accept as Solution" on one or more of them that helped.
Thank you,
Matt
