nifi-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Vijay Jammi <vjammi.apa...@gmail.com>
Subject Extending StandardOidcIdentityProvider
Date Fri, 15 Jan 2021 18:25:05 GMT
Hello there,

I am trying to enable OIDC [OpenIDConnect/OAuth2.0] for our on prem Nifi
with our on prem Identity Provider [Microsoft ADFS].

Now, it looks like Nifi's authorization code flow requires a client id [
nifi.security.user.oidc.client.id] and client secret
[nifi.security.user.oidc.client.secret] to be able to exchange
Authorization Code for an Access and Id Token. However, our Authorization
Server only supports client id and x509 client certificate based
authentication [Client Assertion] for the exchange. So my question here is

 1. Is there way to configure Nifi for client id and x509 client
certificate for the exchange?
 2. If not, how can we extend Nifi for our need?

I am new to Nifi so please excuse me if this is trivial within the Nifi
development. I see a StandardOidcIdentityProvider under nifi-web-security.
Can I override the default functionality by making a custom bundle to
override or will I need to rebuild the bundle associated to
nifi-web-security and drop it into the Nifi lib?  Any guidance will be much
appreciated.

Thank you in advance.

Vijay Jammi

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message