Tomas, I wouldnt hand code the API yourself. You will get into serious challenged to talk with all of the API endpoints, like deploying flows from the NiFi Registry.
The NiFi toolkit is what we use to talk to secure and unsecure (developer sandbox) NiFi instances. https://nifi.apache.org/docs/nifi-docs/html/toolkit-guide.html You can create 1 certificate user, like you did below, nifi-api tls-toolkit.sh client -c nifi-toolkit.mydomain.com -t FooManInTheMiddleSecretJunk-p 8443 -D 'CN=nifi-api, OU=NIFI' you can use that JSON file, point the toolkit at the JSON file, create a user in the NiFi UI called "CN=nifi-api, OU=NIFI" and its just magic. It all works. I seem to remember we tried the python package nipyapi but it wasnt working with a secured version of NiFi. Erik Anderson Bloomberg On Wed, Oct 9, 2019, at 9:23 AM, Tomas Hudik wrote: > Hi there, > > I have secured NiFi (TLS + Kerberos) and need to work with NiFi API. > From command line, I do: > 1. generate access token: *curl -k -d > "[email protected]&password=paSSword" -X POST > https://df3-tt-master-01.domain.com:9443/nifi-api/access/token > <https://df-test-master-01.cn.infra:9443/nifi-api/access/token>* > 2. using access token: *curl -k -X GET > https://df3-tt-master-01.domain.com:9443/nifi-api/flow/about > <https://df-dev-master-01.cn.infra:9443/nifi-api/flow/about> -H > 'Authorization: Bearer <access token>' * > However, I cannot generate and use access token within *InvokeHTTP, PostHTTP. > * > > > * Is it possible to use access token with those processors? > * If not, is there any workaround (like other processor) how to use NiFi API > within secured NiFi? > > any idea/hint is highly appreciated! :) > thank you, Tomas >
