Tomas It just need someone to implement various standards. Right now I believe it is purely TLS one way or mutual auth and also supports basic and digest.
Thanks On Thu, Oct 10, 2019 at 11:00 AM Tomas Hudik <[email protected]> wrote: > Hi Erik > thank you very much for the mail. > > My try is not about coding API. I just want to know whether processors > like *InvokeHTTP, PostHTTP *can work with the access token(if you have > some kerberized site). > (the example I have provided is just for fast try) > > Do you know whether those processors can somehow work with access token > (or is it planned to implement it in some future releases,...)? > > best, Tomas > > > On Wed, Oct 9, 2019 at 3:51 PM Erik Anderson <[email protected]> wrote: > >> Tomas, >> >> I wouldnt hand code the API yourself. You will get into serious >> challenged to talk with all of the API endpoints, like deploying flows from >> the NiFi Registry. >> >> The NiFi toolkit is what we use to talk to secure and unsecure (developer >> sandbox) NiFi instances. >> >> https://nifi.apache.org/docs/nifi-docs/html/toolkit-guide.html >> >> You can create 1 certificate user, like you did below, nifi-api >> >> tls-toolkit.sh client -c nifi-toolkit.mydomain.com -t >> FooManInTheMiddleSecretJunk-p 8443 -D 'CN=nifi-api, OU=NIFI' >> >> you can use that JSON file, point the toolkit at the JSON file, create a >> user in the NiFi UI called "CN=nifi-api, OU=NIFI" >> and its just magic. It all works. >> >> I seem to remember we tried the python package nipyapi but it wasnt >> working with a secured version of NiFi. >> >> Erik Anderson >> Bloomberg >> >> On Wed, Oct 9, 2019, at 9:23 AM, Tomas Hudik wrote: >> >> Hi there, >> >> I have secured NiFi (TLS + Kerberos) and need to work with NiFi API. >> From command line, I do: >> >> 1. generate access token: *curl -k -d "[email protected] >> <[email protected]>&password=paSSword" -X POST >> https://df3-tt-master-01.domain.com:9443/nifi-api/access/token >> <https://df-test-master-01.cn.infra:9443/nifi-api/access/token>* >> 2. using access token: *curl -k -X GET >> https://df3-tt-master-01.domain.com:9443/nifi-api/flow/about >> <https://df-dev-master-01.cn.infra:9443/nifi-api/flow/about> -H >> 'Authorization: Bearer <access token>' * >> >> However, I cannot generate and use access token within *InvokeHTTP, >> PostHTTP. * >> >> >> >> - Is it possible to use access token with those processors? >> - If not, is there any workaround (like other processor) how to use >> NiFi API within secured NiFi? >> >> >> any idea/hint is highly appreciated! :) >> thank you, Tomas >> >> >>
