I think you faced with NiFi Cross-Site Request Forgery Protection. Here is the link to manual: https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#csrf-protection When you execute authorization request (/access/token) you got two cookies: __Secure-Authorization-Bearer and __Secure-Request-Token. Value of __Secure-Authorization-Bearer cookie you can use as value for Authorization header or maybe your http client can add it automatically. And to avoid CSRF security filter you should add to all POST/PUT/DELETE requests header with name Request-Token and value of __Secure-Request-Token cookie. ... View more

@Kushisabishii  could you please advise what list of host needs to be provided on the NIFI_WEB_PROXY_HOST I have added the docker host and port that I access the NiFi UI.  For example my NiFi is accessible via https://docker-host.comp.com/nifi/ Hence I have added the NIFI_WEB_PROXY_HOST = docker-host.comp.com:443 into my docker compose file. Do I need to consider any other hosts to be added ? ... View more