2

I have configured SSL for nifi by using knox by following the guide for configuration.(https://risdenk.github.io/2018/03/18/apache-knox-proxying-apache-nifi.html).

Nifi url is:https://192.168.1.121:9091/nifi/

Knox url is: https://192.168.1.121:8443/gateway/sandbox/nifi-app/nifi/

I have created admin:admin-password user in nifi and I'm able to log in. But if I'm trying to get the access token by using rest api.

Access token API: https://192.168.1.121:8443/gateway/sandbox/nifi-app/nifi-api/access/token

username:admin

password:admin-password

Response: Username/Password login not supported by this NiFi.

For getting access token I'm using Knox proxy url. Below is the snap shot of the request. enter image description here

ashok
  • 1,078
  • 3
  • 20
  • 63

1 Answers1

2

NiFi does not support direct username/password login; it integrates with LDAP, Kerberos, or OpenID Connect to perform authentication. Once the user is authenticated, NiFi issues a JWT token which is used on subsequent requests.

(You can also use client certificates, which are sent on every request.)

When integrating with KnoxSSO, that is the service performing the username/password authentication, and then it issues a JWT token which is passed to NiFi and verified on each request. So you cannot pass a username/password to NiFi and receive a token in response; you need to provide those credentials to KnoxSSO.

This brief article and these instructions for accessing the KnoxSSO token may help.

Andy
  • 13,916
  • 1
  • 36
  • 78