Support Questions

Find answers, ask questions, and share your expertise
Announcements
Celebrating as our community reaches 100,000 members! Thank you!

apache-nifi-openid-connect

avatar
Contributor

Hi there,

 

We want to move from nifi 1.13 to 1.15 and are trying to implement OIDC. We found this great manual from Bryan https://bryanbende.com/development/2017/10/03/apache-nifi-openid-connect  followed this and after some tweaking we finally got the google login screen. 


nifi.properties is setup for localhost

nifi.web.https.host=localhost
nifi.web.https.port=8443
 
And Google redirect API is set to 
 
After succesfully logging in we get redirected to the url above, but receive the following error.
Unable to continue login sequence

 

Unable to exchange authorization for ID token: Unable to parse the response from the Token request: Unable to validate the ID Token: Unexpected JWT audience: [169248247257-v1tcvtl6n6gq0psjqjt69jpkq36ue3i8.apps.googleusercontent.com]

What seems to be going wrong?
 
Once this is working, we will be implementing this to our AWS nifi clusters with Loadbalancer IP's and of course not on localhost. 
 
Thank you in advanced.
Kind regards,
Dave
0 REPLIES 0