- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Float this Question for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Get clientId value
- Labels:
-
Apache NiFi
Created 03-16-2025 01:09 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How do I get the Client Id to make any processor update using REST PUT call ?
Created 03-17-2025 05:17 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@nifier
In order to answer this question, more detail is needed about your NiFi setup.
How is your NiFi authentication configured? Are you authenticating to your secured NiFi via a ClientAuth user certificate, using LDAP/AD, Kerberos, Spnego, etc...?
Thank you,
Matt
Created 03-17-2025 08:22 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @MattWho Thanks for your reply.
We are using LDAP to authenticate
Created 03-17-2025 12:09 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Are you trying to build a dataflow on your NiFi canvas to programmatically to these rest-api calls or just looking to get a user token to used to make rest-api calls via some external process?
The easiest way to learn the rest-api calls it by using the developer tools in your browser. Open developer tools and then perform the action of logging in via the browser to capture the rest-api call made to get your user token. Developer tools will even give you the option to right click on the request and select copy as curl. That being said the browser is going to add a bunch of additional headers that are not needed.
I generally discourage using ldap when building dataflows to automate rest-api call in NiFi. Mainly because your username and password would exposed unencrypted in the dataflow where anyone with access could get it. In this scenario, creating a private key clientAuth certificate would be the better way to go. You can add your certificate to a StandardRestrictedSSLContextService where your password is encrypted, you don't need to worry about fetching user tokens, or user token expiration. A secured NiFi will always support MutualTLS even when ldap is also configured. NiFi will WANT a clientAuth certificate first and only redirect to ldap when one is not provided.
Above being said, obtaining a user token using ldap-provider authentication can be done using below:
curl 'https://<nifi hostname>:<nifi port>/nifi-api/access/token' -H 'content-type: application/x-www-form-urlencoded;charset=UTF-8' --data-raw 'username=<username>&password=<user password>' --insecure
The bearer token received in response would need to be used in subsequent rest-api calls. Once the token expires you would need to get a new one.
Please help our community grow. If you found any of the suggestions/solutions provided helped you with solving your issue or answering your question, please take a moment to login and click "Accept as Solution" on one or more of them that helped.
Thank you,
Matt
