Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search

apache-nifi-openid-connect

Labels:
avatar
author-rank Dave0x1
Rising Star

Created ‎03-11-2022 06:06 AM

Hi there,

 

We want to move from nifi 1.13 to 1.15 and are trying to implement OIDC. We found this great manual from Bryan https://bryanbende.com/development/2017/10/03/apache-nifi-openid-connect  followed this and after some tweaking we finally got the google login screen. 


nifi.properties is setup for localhost

nifi.web.https.host=localhost
nifi.web.https.port=8443
 
And Google redirect API is set to 
 
After succesfully logging in we get redirected to the url above, but receive the following error.
Unable to continue login sequence

 

Unable to exchange authorization for ID token: Unable to parse the response from the Token request: Unable to validate the ID Token: Unexpected JWT audience: [169248247257-v1tcvtl6n6gq0psjqjt69jpkq36ue3i8.apps.googleusercontent.com]

What seems to be going wrong?
 
Once this is working, we will be implementing this to our AWS nifi clusters with Loadbalancer IP's and of course not on localhost. 
 
Thank you in advanced.
Kind regards,
Dave
1,091 Views
0 Kudos
0 REPLIES 0
Announcements
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
What's New @ Cloudera
New Action menu item in the Cloudera Operational Database UI
What's New @ Cloudera
Get the list of supported instance types in the Cloudera Ope...
View More Announcements