Created on 11-13-2023 07:02 AM - edited 11-13-2023 07:10 AM
I am attempting to use the NiFi StandardOauth2AccessTokenProvider 1.23.2 with the ConsumeIMAP processor in order to retrieve emails from Microsoft Outlook.
When I configure using a grant type of either Client Credentials or Refresh Token, the "Can acquire token" validation always fails with a 400 response code.
Upon examining the logs, the error reads:
ERROR [Verify Controller Service Config Thread-1] o.a.n.o.StandardOauth2AccessTokenProvider StandardOauth2AccessTokenProvider[id=ba2358f5-018b-1000-e706-d1406dd00474] OAuth2 access token request failed [HTTP 400], response:
{"error":"invalid_request","error_description":"AADSTS900144: The request body must contain the following parameter: 'grant_type'. Trace ID: 42b51bc0-3865-441e-abb2-200be69b6a00 Correlation ID: 1d0d67de-c1c3-4f0c-9f82-528b027ba18b Timestamp: 2023-11-13 14:41:12Z","error_codes":[900144],"timestamp":"2023-11-13 14:41:12Z","trace_id":"42b51bc0-3865-441e-abb2-200be69b6a00","correlation_id":"1d0d67de-c1c3-4f0c-9f82-528b027ba18b","error_uri":"https://login.microsoftonline.com/error?code=900144"}
It would seem that the request is not setting the Grant Type correctly. I am able to create the request for a token outside of NiFi just fine when setting grant_type to client_credentials or refresh_token.
Is it possible to get this working or is this just a bug with this particular controller service?
Created 11-13-2023 08:54 AM
@kogent Welcome to the Cloudera Community!
To help you get the best possible solution, I have tagged our NiFi experts @steven-matison @MattWho who may be able to assist you further.
Please keep us updated on your post, and we hope you find a satisfactory solution to your query.
Regards,
Diana Torres,Created 12-18-2023 04:36 PM
Something similar has been raised with the Nifi developers some months ago for 1.20.0 (NIFI-11579) but no response so far. I've also only had this occur with 1.23.2 but using Basic Auth and Client Credentials