Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search

How to sign-in or bypass keycloak when making a request from InvokeHTTP processor.

Labels:
avatar
author-rank Jacccs
Explorer

Created ‎03-15-2023 01:42 PM

Hello, 

I'm using the InvokeHTTP processor to make a GET request from an API, however, before getting access to the API, there's a keycloak sign-in page that I need to bypass and the InvokeHTTP process returns that page as a csv response. Is the a way to sign-in or to use a token when making the GET request so I can make the right API call.

2,449 Views
0 Kudos
1 REPLY 1

avatar
author-rank HannaJr87
New Contributor

Created on ‎04-12-2023 07:22 AM - last edited on ‎04-12-2023 01:43 PM by Community Manager Community Manager

you can use Keycloak to authenticate and obtain a token, which you can then use to make the GET request to the API. Here's an example of how you can do this:Set up a Keycloak client for your API. You can follow the Keycloak documentation to set up a client for your API.Use the Keycloak API to obtain an access token. You can use the /auth/realms/{realm_name}/protocol/openid-connect/token endpoint to obtain an access token. You will need to provide your Keycloak username and password, as well as the client ID and client secret for your API. Here's an example of how you can use the requests library in Python to obtain an access token: 

import requests

url = 'http://<KEYCLOAK_HOST>/auth/realms/<REALM_NAME>/protocol/openid-connect/token'

payload = {
'client_id': '<CLIENT_ID>',
'client_secret': '<CLIENT_SECRET>',
'username': '<USERNAME>',
'password': '<PASSWORD>',
'grant_type': 'password'
}

response = requests.post(url, data=payload)

access_token = response.json()['access_token'] 

This code will make a POST request to the Keycloak token endpoint and obtain an access token.

Use the access token to make the GET request to the API. You can use the Authorization header to include the access token in the GET request. Here's an example of how you can use the requests library in Python to make the GET request: 

import requests

url = 'http://<API_HOST>/api/<API_ENDPOINT>'

headers = {
'Authorization': 'Bearer ' + access_token
}

response = requests.get(url, headers=headers)

data = response.json() 

You can use the ExecuteScript processor in NiFi to execute the Python code and obtain the data from the API. You can use the InvokeHTTP processor to make the initial GET request to the Keycloak sign-in page and extract the necessary information, such as the Keycloak username and password, to use in the Python code. You can use NiFi's built-in ExtractText processor to extract the necessary information from the InvokeHTTP response.

This code will make a GET request to the API with the access token included in the Authorization header.
Sincerely, Hannah

2,349 Views
Announcements
What's New @ Cloudera
Cloudera DataFlow 2.9 now supports building GenAI pipelines ...
What's New @ Cloudera
Accelerate Data Scientist Productivity with Cloudera Copilot...
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics - Kubernetes Operato...
Community Announcements
October 2024 Community Highlights
What's New @ Cloudera
Accelerate Your AI with the Cloudera AI Inference Service wi...
View More Announcements