You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2019/02/14 21:45:00 UTC
[jira] [Commented] (NIFI-6038) OIDC TokenRequest fails with some
OAuth2 providers
[ https://issues.apache.org/jira/browse/NIFI-6038?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16768742#comment-16768742 ]
ASF subversion and git services commented on NIFI-6038:
-------------------------------------------------------
Commit f61947627eeb707b13af2395da9c8ebc749fe811 in nifi's branch refs/heads/master from Michael W Moser
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=f619476 ]
NIFI-6038 Remove scope parameter from OIDC TokenRequest
This closes #3308
> OIDC TokenRequest fails with some OAuth2 providers
> --------------------------------------------------
>
> Key: NIFI-6038
> URL: https://issues.apache.org/jira/browse/NIFI-6038
> Project: Apache NiFi
> Issue Type: Bug
> Components: Core Framework
> Affects Versions: 1.8.0
> Reporter: Michael Moser
> Assignee: Michael Moser
> Priority: Major
> Time Spent: 40m
> Remaining Estimate: 0h
>
> I tried to integrate NiFi with a third party OAuth2 provider using OIDC, and I encountered problems. In particular I was working with ForgeRock Access Manager (AM) ([AM OIDC Guide|https://backstage.forgerock.com/docs/am/6/oidc1-guide/]). ForgeRock AM complains that the Access Token Request sent by NiFi incorrectly contains a scope parameter. Apparently it decides not to ignore the extra parameter and fails instead.
> The [RFC-6749|https://tools.ietf.org/html/rfc6749#page-29] and [OAuth2 documentation|https://www.oauth.com/oauth2-servers/access-tokens/authorization-code-request/] doesn't mention using a scope parameter in the Access Token Request.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)