[
https://issues.apache.org/jira/browse/NIFI-7765?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17186056#comment-17186056
]
W Chang edited comment on NIFI-7765 at 8/27/20, 6:58 PM:
---------------------------------------------------------
[~pvillard] Thanks for the information.
I tried a client certificate to authenticate to a NiFi instance configured with
OIDC using the NiFi toolkit cli, but it failed with the error, Unknown user
with identity 'anonymous'. The format of user for OIDC is email address
format, and the same format needs to be used to configure "Initial User
Identity" in authorizers.xml. This format is different from the format of
Owner of a client certificate.
was (Author: wchang3378):
[~pvillard] Thanks for the information.
I tired a client certificate to authenticate to a NiFi instance configured with
OIDC using the NiFi toolkit cli, but it failed with the error, Unknown user
with identity 'anonymous'. The format of user for OIDC is email address
format, and the same format needs to be used to configure "Initial User
Identity" in authorizers.xml. This format is different from the format of
Owner of a client certificate.
> Toolket CLI OpenID Connect Support
> ----------------------------------
>
> Key: NIFI-7765
> URL: https://issues.apache.org/jira/browse/NIFI-7765
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Tools and Build
> Affects Versions: 1.11.4
> Environment: CentOS Linux 7
> Reporter: W Chang
> Priority: Major
> Labels: Authentication, CLI, Connect, OIDC, OpenID
>
> When a NiFi or a Registry instance is configured for OpenID Connect
> authentication, a user cannot authenticate to the secure NiFi or the secure
> Registry using Toolkit CLI to use CLI commands.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
