Reputation: 123
Unable to access NIFI Rest api of another server in secured mode
I am trying to access NIFI rest api of another server from my machine using ajax like below,
url:"https://serverip:port/nifi-api/",
{Authorization : 'Bearer ' + 'access token here'}
Getting Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource error.
Upvotes: 1
Views: 1974
Answers (1)
Reputation: 14194
Apache NiFi's API is designed to be invoked by a variety of clients, but in this case I think you are encountering a security precaution put in place by CORS (Cross-Origin Resource Sharing).
If a piece of code on server A (your non-NiFi machine) makes an AJAX request to a different origin (your NiFi instance), and the HTTP method is not GET (and some other minor restrictions), server A will first send a "preflight" request, which is HTTP OPTIONS, to the remote instance to determine what requests are valid. A server can reply to this with the header Access-Control-Allow-Origin: *, which is a wildcard value denoting it accepts requests from any origin. However, if you want to send credentials along with the request, the originating hostname must be explicitly listed in the response (Access-Control-Allow-Origin: https://serverA.com).
Because NiFi uses an embedded Jetty server to host the API, you may have to explicitly add a CrossOriginFilter as described here.
Upvotes: 1
Related Questions
- How to pass credential to NiFi rest api
- Cannot Connect to Nifi using localhost:8080/nifi
- How to expose secured Nifi URL
- How to make REST API call to Apache Nifi
- Nifi rest api Username/Password login not supported by this NiFi reponse
- Hosting an API in Nifi
- Apache NiFi REST Api using java
- How to invoke a remote REST service in NiFi
- nifi disabled controller-services rest api call failed
- Unable to access NIFI REST API using ajax in secured mode