Michael Moser created NIFI-6038: ----------------------------------- Summary: OIDC TokenRequest fails with some OAuth2 providers Key: NIFI-6038 URL: https://issues.apache.org/jira/browse/NIFI-6038 Project: Apache NiFi Issue Type: Bug Components: Core Framework Affects Versions: 1.8.0 Reporter: Michael Moser Assignee: Michael Moser
I tried to integrate NiFi with a third party OAuth2 provider using OIDC, and I encountered problems. In particular I was working with ForgeRock Access Manager (AM) ([AM OIDC Guide|https://backstage.forgerock.com/docs/am/6/oidc1-guide/]). ForgeRock AM complains that the Access Token Request sent by NiFi incorrectly contains a scope parameter. Apparently it decides not to ignore the extra parameter and fails instead. The [RFC-6749|https://tools.ietf.org/html/rfc6749#page-29] and [OAuth2 documentation|https://www.oauth.com/oauth2-servers/access-tokens/authorization-code-request/] doesn't mention using a scope parameter in the Access Token Request. -- This message was sent by Atlassian JIRA (v7.6.3#76005)