We need help to get token to execute Apache NiFi API which is running on Linux and OAuth authentication.
The below two steps we have taken.
- Get token from Microsoft OAuth API call which gives us the token. <Success>
- Using the token above and we are trying to get token from NiFi Api call which is not success
Example:
Step 1:
Token from Azure:
curl -X POST https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=client_credentials" \
-d "client_id={CliendID}" \
-d "client_secret={ClientSecret}" \
-d "scope={CliendID}/.default"
Result: Generated successful "{token}"
Step 2:
curl -X POST https://NIFIDnsName:9444/nifi-api/access/oidc/exchange \
-H "Authorization: Bearer {token}"
Error:
Unauthorized error="invalid_token", error_description="An error occurred while attempting to decode the Jwt: Signed JWT rejected: Another algorithm exp
nifi.properties file:
nifi.security.user.oidc.discovery.url=https://login.microsoftonline.com/{tanent}/v2.0/.well-known/openid-configuration
nifi.security.user.oidc.connect.timeout=5 secs
nifi.security.user.oidc.read.timeout=5 secs
nifi.security.user.oidc.client.id=*********************
nifi.security.user.oidc.client.secret=**********************
nifi.security.user.oidc.preferred.jwsalgorithm=RS256
nifi.security.user.oidc.additional.scopes=offline_access
nifi.security.user.oidc.claim.identifying.user=email
nifi.security.user.oidc.fallback.claims.identifying.user=
nifi.security.user.oidc.claim.groups=groups
nifi.security.user.oidc.truststore.strategy=JDK
nifi.security.user.oidc.token.refresh.window=60 secs
nifi.security.user.oidc.pkce.enabled=true
nifi.security.user.oidc.jwt.algorithm=RS256
Can you help us steps to execute simple NiFi API call which is running OAuth authentication.
