Support Questions
Find answers, ask questions, and share your expertise

how to call a external web api secured with ldap form NIFI

New Contributor

how to call a external web api secured with ldap form NIFI

4 REPLIES 4

Master Guru
@dilip singh

-

Is it possible to call this external API via curl outside of NIFi without needing to interactively provide a username and password?

-

If so, you should be able to use the invokeHTTP processor(s) to invoke the same call(s).

-

Thank you,

Matt

Explorer

This is correct. To expand on this answer a bit, you need to configure InvokeHTTP with the ldap credentials (username/password) required by the external Web API. See the InvokeHTTP documentation for the available options. For example, if the external web api supports HTTP Basic Auth for credentials, use can use the 'Basic Authentication Username' and 'Basic Authentication Password' properties of the InvokeHTTP processor.

Note: When passing client credentials, be sure you are using TLS (https), which requires configuring an SSL Context Service to use in InvokeHTTP.

Master Guru

@dilip singh

-

*** Forum tip: Please try to avoid responding to an Answer by starting a new answer. Instead use the "add comment" tp respond to en existing answer. There is no guaranteed order to different answers which can make following a response thread difficult especially when multiple people are trying to assist you. Also using the "@username" in your response help make sure user gets notified about your response.

-

Different endpoints have different ways of accepting username and password credentials.
For example: Hitting a NIFi instance that uses ldap for user authentication would look like this:

token=$(curl -k 'https://<hostname>:<port>/nifi-api/access/token'  --data 'username=<username>&password=<password>’)
-

The above would simply return a user token saved to a variable "token" which would then need to be included in all subsequentNiFi rest-api calls.

for example:

curl -k 'https://<hostname>:<port>/nifi-api/tenants/users' -H "Authorization: Bearer $token"

-

Your particular rest endpoint may handle things differently.

for example:

curl -u <username>:<password> https://<hostname>:<port>/

-

The only suggestion i can offer here would be to make use of the network tools in your web browser to capture the network request that is made when you manually access the end-point via the browser. Most developer tools will even allow you to save the request made as a curl command.

Chrome browser Developer tools example:

80568-screen-shot-2018-07-16-at-15711-pm.png

80567-screen-shot-2018-07-16-at-15542-pm.png

-

Hope this helps.

Thank you,

Matt

-

If you found this Answer addressed your original question, please take a moment to login and click "Accept" below the answer.

New Contributor

when i hit the web api URl(http) into browser, it prompts for Username and Password as web api is secured with LDAP(NTLM authentication), after entering the credentials, it returns JSON formatted data. I am not aware how to pass username and password via curl command.