Uploaded image for project: 'Apache NiFi'
  1. Apache NiFi
  2. NIFI-11343

Improve the flexibility and compatibility of OIDC integration

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Open
    • Minor
    • Resolution: Unresolved
    • 1.20.0
    • None
    • Core UI, Security
    • None
    • JDK: 11
      Browser: Chrome / Firefox / Edge
      Configuration of NiFi: OIDC with AWS Cognito

    Description

      There are some OIDC providers that do not support for OIDC RP-Initiated Logout such as AWS Cognito. Therefore, when I try to integrate AWS Cognito with Nifi, the login function works well but the logout function does not. It would be nice if Apache Nifi could provide a way to configure OIDC more flexibly and compatibly with many OIDC providers. For example, in Apache Superset configuration (or Flask App Builder), it allows to enter ODIC configuration as the attached image. User can define authorize/request/refresh/logout URLs if they are not returned fromĀ 

      https://<oidc_provider_host>/.well-known/openid-configuration

      Or Nifi could add new properties to configure logout/refresh token URLs.

      Attachments

        1. Superset_OIDC.png
          27 kB
          Hung Nguyen Thuan

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. NIFI-8459 Logout not working properly with OIDC when using Auth0 as provider

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Activity

            People

              Unassigned Unassigned
              hungnt61h Hung Nguyen Thuan
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated: