Scott, you could use tls client cert auth, maybe including appropriate user-mapping. Since you have been using ldap, you maybe can use the dn as cert subject as-is. Only be aware that whitespace handling in the subject dn might differ between nifi and your ldap. We're also running nifi secured with an additional auth provider, but 2way tls is always accepted by nifi. But maybe you could also employ a reporting task instead of polling the api. Best, Lars
On 20 July 2021 23:31:02 CEST, scott <[email protected]> wrote: >Hi all, >I'm trying to setup some monitoring of all queues in my NiFi instance, >to >catch before queues become full. One solution I am looking at is to use >the >API, but because I have a secure NiFi that uses LDAP, it seems to >require a >token that expires in 24 hours or so. I need this to be an automated >solution, so that is not going to work. Has anyone else tackled this >problem with a secure LDAP enabled cluster? > >Thanks, >Scott
