[jira] [Commented] (NIFI-14391) Support Initial Admin Group Configuration in FileAccessPolicyProvider

Tue, 15 Jul 2025 14:13:04 -0700 


    [ 
https://issues.apache.org/jira/browse/NIFI-14391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18007333#comment-18007333
 ] 

ASF subversion and git services commented on NIFI-14391:
--------------------------------------------------------

Commit 3ba40076aefa8428ba29ab35e797cabb732e73af in nifi's branch 
refs/heads/main from EndzeitBegins
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=3ba40076ae ]

NIFI-14391 Support to initiate administrative access for group of users

Signed-off-by: Mike Moser <[email protected]>
This closes #9868


> Support Initial Admin Group Configuration in FileAccessPolicyProvider
> ---------------------------------------------------------------------
>
>                 Key: NIFI-14391
>                 URL: https://issues.apache.org/jira/browse/NIFI-14391
>             Project: Apache NiFi
>          Issue Type: New Feature
>            Reporter: endzeit
>            Assignee: endzeit
>            Priority: Major
>          Time Spent: 2h 20m
>  Remaining Estimate: 0h
>
> Currently, when configuring a NiFi cluster with OIDC authentication, the 
> FileAccessPolicyProvider requires specifying a single, statically defined 
> user for initial administrator permissions. This necessitates the use of a 
> dedicated service account or relies on a specific user's availability during 
> cluster setup.
> This issue proposes enhancing the FileAccessPolicyProvider to support the 
> configuration of an initial administrator group (e.g., 'dinos') instead of a 
> single user. This would leverage the group information provided by the 
> Identity Provider and streamline the initial rights management process, 
> eliminating the reliance on individual user accounts.
> Specifically, we suggest adding a configuration option, such as "Initial 
> Admin Group," to the FileAccessPolicyProvider. This would allow 
> administrators to specify a group that should be granted initial 
> administrative privileges upon cluster startup.
> This enhancement would improve the manageability of NiFi clusters in OIDC 
> environments by providing a more flexible and robust approach to initial 
> administrator rights assignment.
> See [discussion on 
> Slack|https://apachenifi.slack.com/archives/C0L9VCD47/p1742923692051819].



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to