Hi Erik thank you very much for the mail. My try is not about coding API. I just want to know whether processors like *InvokeHTTP, PostHTTP *can work with the access token(if you have some kerberized site). (the example I have provided is just for fast try)
Do you know whether those processors can somehow work with access token (or is it planned to implement it in some future releases,...)? best, Tomas On Wed, Oct 9, 2019 at 3:51 PM Erik Anderson <eand...@pobox.com> wrote: > Tomas, > > I wouldnt hand code the API yourself. You will get into serious > challenged to talk with all of the API endpoints, like deploying flows from > the NiFi Registry. > > The NiFi toolkit is what we use to talk to secure and unsecure (developer > sandbox) NiFi instances. > > https://nifi.apache.org/docs/nifi-docs/html/toolkit-guide.html > > You can create 1 certificate user, like you did below, nifi-api > > tls-toolkit.sh client -c nifi-toolkit.mydomain.com -t > FooManInTheMiddleSecretJunk-p 8443 -D 'CN=nifi-api, OU=NIFI' > > you can use that JSON file, point the toolkit at the JSON file, create a > user in the NiFi UI called "CN=nifi-api, OU=NIFI" > and its just magic. It all works. > > I seem to remember we tried the python package nipyapi but it wasnt > working with a secured version of NiFi. > > Erik Anderson > Bloomberg > > On Wed, Oct 9, 2019, at 9:23 AM, Tomas Hudik wrote: > > Hi there, > > I have secured NiFi (TLS + Kerberos) and need to work with NiFi API. > From command line, I do: > > 1. generate access token: *curl -k -d "username=nifi-...@domain.com > <nifi-...@domain.com>&password=paSSword" -X POST > https://df3-tt-master-01.domain.com:9443/nifi-api/access/token > <https://df-test-master-01.cn.infra:9443/nifi-api/access/token>* > 2. using access token: *curl -k -X GET > https://df3-tt-master-01.domain.com:9443/nifi-api/flow/about > <https://df-dev-master-01.cn.infra:9443/nifi-api/flow/about> -H > 'Authorization: Bearer <access token>' * > > However, I cannot generate and use access token within *InvokeHTTP, > PostHTTP. * > > > > - Is it possible to use access token with those processors? > - If not, is there any workaround (like other processor) how to use > NiFi API within secured NiFi? > > > any idea/hint is highly appreciated! :) > thank you, Tomas > > >
