Cloudera Community
tyler_gregory
user rank
New Contributor
My Accepted Solutions
Show All

Re: OIDC With Azure AD

by New Contributor in Support Questions
‎08-28-2018 01:25 PM
‎08-28-2018 01:25 PM
Turns out I'd misconfigured the proxy settings on the nginx ingress. The bearer token, and all state values for the OIDC login statemachine, are not replicated to the other cluster members. This means one must configure sticky sessions on the ingress. ... View more

OIDC With Azure AD

by New Contributor in Support Questions
‎08-27-2018 04:14 PM
1 Kudo
‎08-27-2018 04:14 PM
1 Kudo
I've deployed a secured NiFi cluster on Kubernetes in Azure, and am attempting to configure OIDC against Azure AD for auth. I've created an app registration in AAD and configured the OIDC settings in nifi.properties as follows: nifi.security.user.oidc.discovery.url=https://login.microsoftonline.com/dvn.onmicrosoft.com/.well-known/openid-configuration nifi.security.user.oidc.connect.timeout=5 secs nifi.security.user.oidc.read.timeout=5 secs nifi.security.user.oidc.client.id=a8d7d98f-588a-4e30-b93c-1730de5512b1 nifi.security.user.oidc.client.secret=********************************* nifi.security.user.oidc.preferred.jwsalgorithm= However, the login sequence always fails with: Purposed state does not match the stored state. Unable to continue login process. Can anyone shed some light on what I might be doing wrong? Thanks ... View more
Labels:
Contact Me
Online
Offline
Last Visited
‎08-28-2018 01:23 PM
Community Statistics
Member Since ‎08-27-2018 03:55 PM
Last Visited ‎08-28-2018 01:23 PM
Posts 2
Kudos received 1