You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nifi.apache.org by ex...@apache.org on 2022/07/20 15:36:50 UTC
[nifi-site] branch asf-staging updated: NIFI-9802 Added NiFi Registry documentation for 1.16.3
This is an automated email from the ASF dual-hosted git repository.
exceptionfactory pushed a commit to branch asf-staging
in repository https://gitbox.apache.org/repos/asf/nifi-site.git
The following commit(s) were added to refs/heads/asf-staging by this push:
new c67afbc NIFI-9802 Added NiFi Registry documentation for 1.16.3
c67afbc is described below
commit c67afbca87997bb6f4cf130200afaa8017011e9d
Author: exceptionfactory <ex...@apache.org>
AuthorDate: Wed Jul 20 10:35:41 2022 -0500
NIFI-9802 Added NiFi Registry documentation for 1.16.3
---
docs/nifi-registry-docs/css/component-usage.css | 192 +
docs/nifi-registry-docs/css/main.css | 217 +
.../html/administration-guide.html | 3681 ++++++
docs/nifi-registry-docs/html/getting-started.html | 746 ++
.../html/images/ABCD_flow_changes.png | Bin 0 -> 119728 bytes
.../html/images/ABCD_flow_in_test_bucket.png | Bin 0 -> 65823 bytes
.../html/images/ABCD_flow_saved.png | Bin 0 -> 156665 bytes
.../html/images/ABCD_process_group_menu.png | Bin 0 -> 185393 bytes
.../html/images/ABCD_save_flow_version_2.png | Bin 0 -> 111920 bytes
.../html/images/ABCD_version_2.png | Bin 0 -> 157133 bytes
.../html/images/add_user_button.png | Bin 0 -> 59897 bytes
.../html/images/add_user_dialog.png | Bin 0 -> 17823 bytes
.../html/images/add_user_to_groups_dialog.png | Bin 0 -> 29156 bytes
.../nifi-registry-docs/html/images/bucket_menu.png | Bin 0 -> 48479 bytes
.../images/bucket_nav_allow_bundle_overwrite.png | Bin 0 -> 74539 bytes
.../html/images/bucket_nav_make_public.png | Bin 0 -> 74649 bytes
.../html/images/bucket_nav_name_edit.png | Bin 0 -> 73116 bytes
.../html/images/buckets_filter_by_name.png | Bin 0 -> 49859 bytes
.../html/images/buckets_sort_by_name.png | Bin 0 -> 59859 bytes
.../html/images/changed_flow_options.png | Bin 0 -> 212864 bytes
.../html/images/check_multiple_buckets.png | Bin 0 -> 62281 bytes
.../html/images/check_multiple_users.png | Bin 0 -> 60431 bytes
.../html/images/controller-settings-selection.png | Bin 0 -> 142806 bytes
.../html/images/create_new_group.png | Bin 0 -> 63792 bytes
.../html/images/create_new_group_dialog.png | Bin 0 -> 21564 bytes
.../html/images/delete_bucket_dialog.png | Bin 0 -> 17736 bytes
.../html/images/delete_bucket_policy.png | Bin 0 -> 94634 bytes
.../html/images/delete_bucket_policy_dialog.png | Bin 0 -> 20881 bytes
.../html/images/delete_bucket_single.png | Bin 0 -> 62781 bytes
.../html/images/delete_buckets_dialog.png | Bin 0 -> 19357 bytes
.../html/images/delete_multiple_buckets.png | Bin 0 -> 65092 bytes
.../html/images/delete_multiple_users.png | Bin 0 -> 64823 bytes
.../html/images/delete_user_dialog.png | Bin 0 -> 15769 bytes
.../html/images/delete_user_single.png | Bin 0 -> 61305 bytes
.../html/images/delete_users_groups_dialog.png | Bin 0 -> 26343 bytes
.../html/images/drag_process_group.png | Bin 0 -> 163108 bytes
.../html/images/empty_registry.png | Bin 0 -> 34853 bytes
.../html/images/export_version.png | Bin 0 -> 67843 bytes
.../html/images/export_version_action.png | Bin 0 -> 77348 bytes
.../html/images/flow_change_log.png | Bin 0 -> 84484 bytes
.../html/images/flow_delete_action.png | Bin 0 -> 89262 bytes
.../html/images/flow_delete_confirm.png | Bin 0 -> 69960 bytes
docs/nifi-registry-docs/html/images/flows_all.png | Bin 0 -> 41624 bytes
.../html/images/flows_filter_by_name.png | Bin 0 -> 26404 bytes
.../html/images/flows_sort_menu.png | Bin 0 -> 46980 bytes
.../nifi-registry-docs/html/images/group_added.png | Bin 0 -> 92440 bytes
docs/nifi-registry-docs/html/images/iconDelete.png | Bin 0 -> 695 bytes
docs/nifi-registry-docs/html/images/iconHelp.png | Bin 0 -> 970 bytes
.../html/images/iconLocallyModified.png | Bin 0 -> 1247 bytes
docs/nifi-registry-docs/html/images/iconManage.png | Bin 0 -> 748 bytes
.../html/images/iconSettings.png | Bin 0 -> 887 bytes
.../html/images/iconUpToDate.png | Bin 0 -> 996 bytes
.../html/images/import_ABCD_version_2.png | Bin 0 -> 113797 bytes
.../html/images/import_flow_from_registry.png | Bin 0 -> 117875 bytes
.../html/images/import_new_flow.png | Bin 0 -> 51584 bytes
.../html/images/import_new_flow_button.png | Bin 0 -> 43547 bytes
.../html/images/import_new_version.png | Bin 0 -> 71393 bytes
.../html/images/import_new_version_action.png | Bin 0 -> 71722 bytes
.../html/images/local_registry.png | Bin 0 -> 70503 bytes
.../html/images/loginRegistry.png | Bin 0 -> 15560 bytes
.../html/images/manage_bucket.png | Bin 0 -> 63105 bytes
.../nifi-registry-docs/html/images/manage_user.png | Bin 0 -> 62620 bytes
.../html/images/new_bucket_button.png | Bin 0 -> 61133 bytes
.../html/images/new_bucket_dialog.png | Bin 0 -> 22630 bytes
.../html/images/new_bucket_policy_added.png | Bin 0 -> 83416 bytes
.../html/images/new_bucket_policy_create.png | Bin 0 -> 72899 bytes
.../images/new_bucket_policy_user_permission.png | Bin 0 -> 28727 bytes
.../html/images/new_test_bucket.png | Bin 0 -> 54131 bytes
.../html/images/nifi-registry-components.png | Bin 0 -> 68544 bytes
.../html/images/remove_group_from_user.png | Bin 0 -> 99590 bytes
.../html/images/remove_user_from_group.png | Bin 0 -> 112981 bytes
.../html/images/save_ABCD_flow_dialog.png | Bin 0 -> 106088 bytes
.../html/images/select_users_create_new_group.png | Bin 0 -> 73927 bytes
.../select_users_create_new_group_dialog.png | Bin 0 -> 21597 bytes
.../html/images/select_users_new_group_added.png | Bin 0 -> 111636 bytes
.../nifi-registry-docs/html/images/test_bucket.png | Bin 0 -> 52937 bytes
.../html/images/test_bucket_dialog.png | Bin 0 -> 78443 bytes
.../html/images/two_ABCD_flows.png | Bin 0 -> 174863 bytes
.../html/images/user_nav_add_to_group.png | Bin 0 -> 97855 bytes
.../html/images/user_nav_name_edit.png | Bin 0 -> 83547 bytes
.../html/images/user_special_privileges.png | Bin 0 -> 98657 bytes
.../html/images/users_filter_by_name.png | Bin 0 -> 50482 bytes
.../html/images/users_non_configurable.png | Bin 0 -> 27133 bytes
.../html/images/users_sort_by_name.png | Bin 0 -> 59613 bytes
docs/nifi-registry-docs/html/user-guide.html | 1658 +++
docs/nifi-registry-docs/images/bgBannerFoot.png | Bin 0 -> 189 bytes
docs/nifi-registry-docs/images/bgHeader.png | Bin 0 -> 1455 bytes
.../nifi-registry-docs/images/registry-favicon.png | Bin 0 -> 388 bytes
docs/nifi-registry-docs/index.html | 69 +
docs/nifi-registry-docs/js/application.js | 400 +
docs/nifi-registry-docs/js/jquery.min.js | 4 +
docs/nifi-registry-docs/rest-api/index.html | 13107 +++++++++++++++++++
.../assets/fonts/fontawesome-webfont.ttf?v=4.7.0 | Bin 0 -> 165548 bytes
.../assets/fonts/fontawesome-webfont.woff2?v=4.7.0 | Bin 0 -> 77160 bytes
.../assets/fonts/fontawesome-webfont.woff?v=4.7.0 | Bin 0 -> 98024 bytes
.../assets/images/registry-logo-web-app.svg | 17 +
.../nf-registry.bundle.min.57fe7b2b400e4959fc38.js | 1 +
.../nf-registry.style.min.f3149dda93b2e7181d22.css | 7 +
.../styles/font/MaterialIcons-Regular-v48.woff2 | Bin 0 -> 60840 bytes
.../fonts/roboto-slab/Roboto-Slab-Regular.woff2 | Bin 0 -> 66444 bytes
.../roboto-fontface/fonts/roboto/Roboto-Bold.woff2 | Bin 0 -> 64740 bytes
.../fonts/roboto/Roboto-Light.woff2 | Bin 0 -> 64320 bytes
.../fonts/roboto/Roboto-Medium.woff2 | Bin 0 -> 65484 bytes
.../fonts/roboto/Roboto-Regular.woff2 | Bin 0 -> 64632 bytes
docs/nifi-registry/registry-favicon.png | Bin 0 -> 388 bytes
.../vendor.min.1cd97ff07a6586a20ff5.js | 6645 ++++++++++
106 files changed, 26744 insertions(+)
diff --git a/docs/nifi-registry-docs/css/component-usage.css b/docs/nifi-registry-docs/css/component-usage.css
new file mode 100644
index 0000000..65f62ca
--- /dev/null
+++ b/docs/nifi-registry-docs/css/component-usage.css
@@ -0,0 +1,192 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+@import "https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic|Noto+Serif:400,400italic,700,700italic|Droid+Sans+Mono:400";
+
+html, html a {
+ -webkit-font-smoothing: antialiased;
+ text-shadow: 1px 1px 1px rgba(0,0,0,0.004);
+}
+
+body {
+ margin: 0 auto;
+ display: block;
+ font-family: "Open Sans","DejaVu Sans",sans-serif;
+ padding-left: 20px;
+}
+
+.title {
+ font-weight: bold;
+ color: #7a2518;
+ font-size: 18px;
+}
+
+.hidden {
+ display: none;
+}
+
+/* tables */
+
+table {
+ color:#666;
+ font-size:14px;
+ background:#eaebec;
+ border:#ccc 1px solid;
+ -webkit-border-radius:3px;
+ border-radius:3px;
+ width: 100%;
+ word-wrap: break-word;
+}
+
+table th {
+ padding:11px 15px 12px 15px;
+ border-top:1px solid #fafafa;
+ border-bottom:1px solid #e0e0e0;
+
+ background: #ededed;
+}
+
+table th:first-child {
+ text-align: left;
+ padding-left:10px;
+}
+
+table th:last-child {
+ text-align: left;
+ padding-left:10px;
+}
+
+table tr:first-child th:first-child {
+ border-top-left-radius:3px;
+}
+
+table tr:first-child th:last-child {
+ border-top-right-radius:3px;
+}
+
+table tr {
+ text-align: center;
+ padding-left:10px;
+}
+
+table td:first-child {
+ text-align: left;
+ padding-left:10px;
+ border-left: 0;
+}
+
+table td:last-child {
+ text-align: left;
+ padding-left:10px;
+ border-left: 0;
+ vertical-align: top;
+
+}
+
+table td {
+ padding:12px;
+ background: #fafafa;
+}
+
+table tr:last-child td {
+ border-bottom:0;
+}
+
+table tr:last-child td:first-child {
+ border-bottom-left-radius:3px;
+}
+
+table tr:last-child td:last-child {
+ border-bottom-right-radius:3px;
+}
+
+td#default-value, td#name, td#value {
+ max-width: 200px;
+}
+
+td#allowable-values {
+ max-width: 300px;
+}
+
+td#description {
+ vertical-align: middle;
+}
+
+td#bundle-info {
+ max-width: 50px;
+}
+
+/* links */
+
+a, a:link, a:visited {
+ cursor: pointer;
+ color: #2156a5;
+ text-decoration: none;
+ border: none;
+}
+
+a:hover, a:active {
+ color: #2156a5;
+ text-decoration: none;
+ border: none;
+}
+
+.clear {
+ clear: both;
+}
+
+/* p */
+
+p {
+ font-family: 'Noto Serif', 'DejaVu Serif', serif;
+ font-size: 16px;
+}
+
+p strong {
+ font-weight: bold;
+}
+
+/* ul li */
+td ul {
+ margin: 0px 0px 0px 0px;
+ padding-left: 20px;
+}
+ul li {
+ text-align: left;
+ display: list-item;
+}
+
+ul li strong {
+ font-weight: bold;
+}
+
+h2 {
+ font-weight: normal;
+ color: #ba3925;
+}
+
+/* pre */
+
+pre {
+ font-size: 14px;
+ background-color: #fefefe;
+ border: 1px solid #ccc;
+ border-left: 6px solid #ccc;
+ color: #555;
+ margin-bottom: 10px;
+ padding: 5px 8px;
+}
diff --git a/docs/nifi-registry-docs/css/main.css b/docs/nifi-registry-docs/css/main.css
new file mode 100644
index 0000000..8b50064
--- /dev/null
+++ b/docs/nifi-registry-docs/css/main.css
@@ -0,0 +1,217 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+* {
+ margin: 0;
+ padding: 0;
+}
+
+#documentation-body {
+ width: 100%;
+ position: absolute;
+ top: 0;
+ right: 0;
+ bottom: 0;
+ left: 0;
+}
+
+/* banners */
+
+div.main-banner-header {
+ display: none;
+ font-weight: bold;
+ font-size: 1em;
+ text-align: center;
+ line-height: 15px;
+ color: #7e7e7e;
+ margin: 0px auto;
+ width: 100%;
+ height: 1em;
+ background-color: #fff;
+ background-image: url(../images/bgHeader.png);
+ background-position: center;
+ background-repeat: no-repeat;
+}
+
+div.main-banner-footer {
+ display: none;
+ color: #fff;
+ text-align: center;
+ font-weight: bold;
+ font-size: 1em;
+ overflow: visible;
+ background-color: #9eb9c7;
+ background-image: url(../images/bgBannerFoot.png);
+ background-repeat: repeat-x;
+ background-position: left top;
+}
+
+/* documentation */
+
+div.documentation-header {
+ border-bottom: 1px solid #d1dee5;
+ color: #365c6a;
+ font-size: 13px;
+ display: flex;
+}
+
+#component-list-toggle-link {
+ padding: 4px;
+ font-size: 14px;
+ font-weight: bold;
+ color: #264c58;
+ cursor: pointer;
+ width: 12px;
+ text-align: center;
+ align-self: flex-end;
+}
+
+#header-contents {
+ display: flex;
+ flex-wrap: wrap;
+}
+
+#nf-title {
+ font-size: 20px;
+ margin: 5px 5px 0px 5px;
+}
+
+#nf-version {
+ font-size: 14px;
+ margin: 11px 5px 0px 5px;
+ flex-grow: 1;
+}
+
+.version {
+ font-style: italic;
+ color: #aaa;
+}
+
+#selected-component {
+ font-size: 20px;
+ margin: 5px 5px 0px 5px;
+}
+
+/* content flex-box containers */
+
+#component-root-container {
+ display: flex;
+ flex-wrap: wrap;
+ align-items: stretch;
+ width: 100%;
+}
+
+#component-listing-container {
+ flex-grow: 1;
+ min-width: 312px;
+ max-width: 350px;
+ padding: 0px 4px 0px 4px;
+}
+
+#component-usage-container {
+ flex-grow: 4;
+ min-width: 300px;
+ padding: 0px 4px 0px 4px;
+}
+
+/* component listing */
+
+div.component-listing {
+ overflow: auto;
+ font-size: 16px;
+}
+
+div.component-listing div.section {
+ margin-bottom: 15px;
+}
+
+div.component-listing div.header {
+ font-weight: bold;
+ color: #264c58;
+}
+
+div.component-links ul {
+ list-style: none;
+}
+
+li.component-item {
+ padding: 2px;
+ padding-left: 4px;
+ border-left: 8px solid transparent;
+ font-family: "Open Sans","DejaVu Sans",sans-serif;
+ font-size: 15px;
+}
+
+li.component-item a {
+ color: #1e373f;
+}
+
+li.component-item:hover {
+ border-left: 8px solid #d1dee5;
+}
+
+li.component-item:hover a {
+ color: #264c58;
+}
+
+li.component-item.selected {
+ border-left: 8px solid #7098ad;
+}
+
+div.component-links span.no-components {
+ font-style: italic;
+ color: #777;
+}
+
+/* component filter control */
+
+#component-filter-controls {
+}
+
+#component-filter-container {
+ margin-left: 2px;
+}
+
+#component-filter {
+ font-size: 12px;
+ height: 18px;
+ line-height: 20px;
+ width: 98%;
+ float: left;
+}
+
+input.component-filter-list {
+ color: #888;
+ font-style: italic;
+}
+
+#component-filter-stats {
+ font-size: 9px;
+ font-weight: bold;
+ color: #9f6000;
+ clear: left;
+ line-height: normal;
+ margin-left: 7px;
+}
+
+/* component usage */
+
+#component-usage {
+ overflow: auto;
+ width: 100%;
+ height: 100%;
+ position: absolute;
+}
\ No newline at end of file
diff --git a/docs/nifi-registry-docs/html/administration-guide.html b/docs/nifi-registry-docs/html/administration-guide.html
new file mode 100644
index 0000000..8dbb0e0
--- /dev/null
+++ b/docs/nifi-registry-docs/html/administration-guide.html
@@ -0,0 +1,3681 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8">
+<!--[if IE]><meta http-equiv="X-UA-Compatible" content="IE=edge"><![endif]-->
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<meta name="generator" content="Asciidoctor 1.5.8">
+<meta name="author" content="Apache NiFi Team">
+<title>Apache NiFi Registry System Administrator’s Guide</title>
+<style>
+/* Asciidoctor default stylesheet | MIT License | https://asciidoctor.org */
+/* Copyright (C) 2012-2015 Dan Allen, Ryan Waldron and the Asciidoctor Project
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE. */
+/* Remove the comments around the @import statement below when using this as a custom stylesheet */
+@import "https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic%7CNoto+Serif:400,400italic,700,700italic%7CDroid+Sans+Mono:400";
+article,aside,details,figcaption,figure,footer,header,hgroup,main,nav,section,summary{display:block}
+audio,canvas,video{display:inline-block}
+audio:not([controls]){display:none;height:0}
+[hidden],template{display:none}
+script{display:none!important}
+html{font-family:sans-serif;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}
+body{margin:0}
+a{background:transparent}
+a:focus{outline:thin dotted}
+a:active,a:hover{outline:0}
+h1{font-size:2em;margin:.67em 0}
+abbr[title]{border-bottom:1px dotted}
+b,strong{font-weight:bold}
+dfn{font-style:italic}
+hr{-moz-box-sizing:content-box;box-sizing:content-box;height:0}
+mark{background:#ff0;color:#000}
+code,kbd,pre,samp{font-family:monospace;font-size:1em}
+pre{white-space:pre-wrap}
+q{quotes:"\201C" "\201D" "\2018" "\2019"}
+small{font-size:80%}
+sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline}
+sup{top:-.5em}
+sub{bottom:-.25em}
+img{border:0}
+svg:not(:root){overflow:hidden}
+figure{margin:0}
+fieldset{border:1px solid silver;margin:0 2px;padding:.35em .625em .75em}
+legend{border:0;padding:0}
+button,input,select,textarea{font-family:inherit;font-size:100%;margin:0}
+button,input{line-height:normal}
+button,select{text-transform:none}
+button,html input[type="button"],input[type="reset"],input[type="submit"]{-webkit-appearance:button;cursor:pointer}
+button[disabled],html input[disabled]{cursor:default}
+input[type="checkbox"],input[type="radio"]{box-sizing:border-box;padding:0}
+input[type="search"]{-webkit-appearance:textfield;-moz-box-sizing:content-box;-webkit-box-sizing:content-box;box-sizing:content-box}
+input[type="search"]::-webkit-search-cancel-button,input[type="search"]::-webkit-search-decoration{-webkit-appearance:none}
+button::-moz-focus-inner,input::-moz-focus-inner{border:0;padding:0}
+textarea{overflow:auto;vertical-align:top}
+table{border-collapse:collapse;border-spacing:0}
+*,*:before,*:after{-moz-box-sizing:border-box;-webkit-box-sizing:border-box;box-sizing:border-box}
+html,body{font-size:100%}
+body{background:#fff;color:rgba(0,0,0,.8);padding:0;margin:0;font-family:"Noto Serif","DejaVu Serif",serif;font-weight:400;font-style:normal;line-height:1;position:relative;cursor:auto}
+a:hover{cursor:pointer}
+img,object,embed{max-width:100%;height:auto}
+object,embed{height:100%}
+img{-ms-interpolation-mode:bicubic}
+#map_canvas img,#map_canvas embed,#map_canvas object,.map_canvas img,.map_canvas embed,.map_canvas object{max-width:none!important}
+.left{float:left!important}
+.right{float:right!important}
+.text-left{text-align:left!important}
+.text-right{text-align:right!important}
+.text-center{text-align:center!important}
+.text-justify{text-align:justify!important}
+.hide{display:none}
+.antialiased,body{-webkit-font-smoothing:antialiased}
+img{display:inline-block;vertical-align:middle}
+textarea{height:auto;min-height:50px}
+select{width:100%}
+p.lead,.paragraph.lead>p,#preamble>.sectionbody>.paragraph:first-of-type p{font-size:1.21875em;line-height:1.6}
+.subheader,.admonitionblock td.content>.title,.audioblock>.title,.exampleblock>.title,.imageblock>.title,.listingblock>.title,.literalblock>.title,.stemblock>.title,.openblock>.title,.paragraph>.title,.quoteblock>.title,table.tableblock>.title,.verseblock>.title,.videoblock>.title,.dlist>.title,.olist>.title,.ulist>.title,.qlist>.title,.hdlist>.title{line-height:1.45;color:#7a2518;font-weight:400;margin-top:0;margin-bottom:.25em}
+div,dl,dt,dd,ul,ol,li,h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6,pre,form,p,blockquote,th,td{margin:0;padding:0;direction:ltr}
+a{color:#2156a5;text-decoration:underline;line-height:inherit}
+a:hover,a:focus{color:#1d4b8f}
+a img{border:none}
+p{font-family:inherit;font-weight:400;font-size:1em;line-height:1.6;margin-bottom:1.25em;text-rendering:optimizeLegibility}
+p aside{font-size:.875em;line-height:1.35;font-style:italic}
+h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6{font-family:"Open Sans","DejaVu Sans",sans-serif;font-weight:300;font-style:normal;color:#ba3925;text-rendering:optimizeLegibility;margin-top:1em;margin-bottom:.5em;line-height:1.0125em}
+h1 small,h2 small,h3 small,#toctitle small,.sidebarblock>.content>.title small,h4 small,h5 small,h6 small{font-size:60%;color:#e99b8f;line-height:0}
+h1{font-size:2.125em}
+h2{font-size:1.6875em}
+h3,#toctitle,.sidebarblock>.content>.title{font-size:1.375em}
+h4,h5{font-size:1.125em}
+h6{font-size:1em}
+hr{border:solid #ddddd8;border-width:1px 0 0;clear:both;margin:1.25em 0 1.1875em;height:0}
+em,i{font-style:italic;line-height:inherit}
+strong,b{font-weight:bold;line-height:inherit}
+small{font-size:60%;line-height:inherit}
+code{font-family:"Droid Sans Mono","DejaVu Sans Mono",monospace;font-weight:400;color:rgba(0,0,0,.9);padding-right: 1px;}
+ul,ol,dl{font-size:1em;line-height:1.6;margin-bottom:1.25em;list-style-position:outside;font-family:inherit}
+ul,ol,ul.no-bullet,ol.no-bullet{margin-left:1.5em}
+ul li ul,ul li ol{margin-left:1.25em;margin-bottom:0;font-size:1em}
+ul.square li ul,ul.circle li ul,ul.disc li ul{list-style:inherit}
+ul.square{list-style-type:square}
+ul.circle{list-style-type:circle}
+ul.disc{list-style-type:disc}
+ul.no-bullet{list-style:none}
+ol li ul,ol li ol{margin-left:1.25em;margin-bottom:0}
+dl dt{margin-bottom:.3125em;font-weight:bold}
+dl dd{margin-bottom:1.25em}
+abbr,acronym{text-transform:uppercase;font-size:90%;color:rgba(0,0,0,.8);border-bottom:1px dotted #ddd;cursor:help}
+abbr{text-transform:none}
+blockquote{margin:0 0 1.25em;padding:.5625em 1.25em 0 1.1875em;border-left:1px solid #ddd}
+blockquote cite{display:block;font-size:.9375em;color:rgba(0,0,0,.6)}
+blockquote cite:before{content:"\2014 \0020"}
+blockquote cite a,blockquote cite a:visited{color:rgba(0,0,0,.6)}
+blockquote,blockquote p{line-height:1.6;color:rgba(0,0,0,.85)}
+@media only screen and (min-width:768px){h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6{line-height:1.2}
+h1{font-size:2.75em}
+h2{font-size:2.3125em}
+h3,#toctitle,.sidebarblock>.content>.title{font-size:1.6875em}
+h4{font-size:1.4375em}}table{background:#fff;margin-bottom:1.25em;border:solid 1px #dedede}
+table thead,table tfoot{background:#f7f8f7;font-weight:bold}
+table thead tr th,table thead tr td,table tfoot tr th,table tfoot tr td{padding:.5em .625em .625em;font-size:inherit;color:rgba(0,0,0,.8);text-align:left}
+table tr th,table tr td{padding:.5625em .625em;font-size:inherit;color:rgba(0,0,0,.8)}
+table tr.even,table tr.alt,table tr:nth-of-type(even){background:#f8f8f7}
+table thead tr th,table tfoot tr th,table tbody tr td,table tr td,table tfoot tr td{display:table-cell;line-height:1.6}
+h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6{line-height:1.2;word-spacing:-.05em}
+h1 strong,h2 strong,h3 strong,#toctitle strong,.sidebarblock>.content>.title strong,h4 strong,h5 strong,h6 strong{font-weight:400}
+.clearfix:before,.clearfix:after,.float-group:before,.float-group:after{content:" ";display:table}
+.clearfix:after,.float-group:after{clear:both}
+*:not(pre)>code{font-size:.9375em;font-style:normal!important;letter-spacing:0;word-spacing:-.15em;background-color:#f7f7f8;-webkit-border-radius:4px;border-radius:4px;line-height:1.45;text-rendering:optimizeSpeed}
+pre,pre>code{line-height:1.45;color:rgba(0,0,0,.9);font-family:"Droid Sans Mono","DejaVu Sans Mono",monospace;font-weight:400;text-rendering:optimizeSpeed}
+.keyseq{color:rgba(51,51,51,.8)}
+kbd{display:inline-block;color:rgba(0,0,0,.8);font-size:.75em;line-height:1.4;background-color:#f7f7f7;border:1px solid #ccc;-webkit-border-radius:3px;border-radius:3px;-webkit-box-shadow:0 1px 0 rgba(0,0,0,.2),0 0 0 .1em white inset;box-shadow:0 1px 0 rgba(0,0,0,.2),0 0 0 .1em #fff inset;margin:-.15em .15em 0 .15em;padding:.2em .6em .2em .5em;vertical-align:middle;white-space:nowrap}
+.keyseq kbd:first-child{margin-left:0}
+.keyseq kbd:last-child{margin-right:0}
+.menuseq,.menu{color:rgba(0,0,0,.8)}
+b.button:before,b.button:after{position:relative;top:-1px;font-weight:400}
+b.button:before{content:"[";padding:0 3px 0 2px}
+b.button:after{content:"]";padding:0 2px 0 3px}
+p a>code:hover{color:rgba(0,0,0,.9)}
+#header,#content,#footnotes,#footer{width:100%;margin-left:auto;margin-right:auto;margin-top:0;margin-bottom:0;max-width:62.5em;*zoom:1;position:relative;padding-left:.9375em;padding-right:.9375em}
+#header:before,#header:after,#content:before,#content:after,#footnotes:before,#footnotes:after,#footer:before,#footer:after{content:" ";display:table}
+#header:after,#content:after,#footnotes:after,#footer:after{clear:both}
+#content{margin-top:1.25em}
+#content:before{content:none}
+#header>h1:first-child{color:rgba(0,0,0,.85);margin-top:2.25rem;margin-bottom:0}
+#header>h1:first-child+#toc{margin-top:8px;border-top:1px solid #ddddd8}
+#header>h1:only-child,body.toc2 #header>h1:nth-last-child(2){border-bottom:1px solid #ddddd8;padding-bottom:8px}
+#header .details{border-bottom:1px solid #ddddd8;line-height:1.45;padding-top:.25em;padding-bottom:.25em;padding-left:.25em;color:rgba(0,0,0,.6);display:-ms-flexbox;display:-webkit-flex;display:flex;-ms-flex-flow:row wrap;-webkit-flex-flow:row wrap;flex-flow:row wrap}
+#header .details span:first-child{margin-left:-.125em}
+#header .details span.email a{color:rgba(0,0,0,.85)}
+#header .details br{display:none}
+#header .details br+span:before{content:"\00a0\2013\00a0"}
+#header .details br+span.author:before{content:"\00a0\22c5\00a0";color:rgba(0,0,0,.85)}
+#header .details br+span#revremark:before{content:"\00a0|\00a0"}
+#header #revnumber{text-transform:capitalize}
+#header #revnumber:after{content:"\00a0"}
+#content>h1:first-child:not([class]){color:rgba(0,0,0,.85);border-bottom:1px solid #ddddd8;padding-bottom:8px;margin-top:0;padding-top:1rem;margin-bottom:1.25rem}
+#toc{border-bottom:1px solid #efefed;padding-bottom:.5em}
+#toc>ul{margin-left:.125em}
+#toc ul.sectlevel0>li>a{font-style:italic}
+#toc ul.sectlevel0 ul.sectlevel1{margin:.5em 0}
+#toc ul{font-family:"Open Sans","DejaVu Sans",sans-serif;list-style-type:none}
+#toc a{text-decoration:none}
+#toc a:active{text-decoration:underline}
+#toctitle{color:#7a2518;font-size:1.2em}
+@media only screen and (min-width:768px){#toctitle{font-size:1.375em}
+body.toc2{padding-left:15em;padding-right:0}
+#toc.toc2{margin-top:0!important;background-color:#f8f8f7;position:fixed;width:15em;left:0;top:0;border-right:1px solid #efefed;border-top-width:0!important;border-bottom-width:0!important;z-index:1000;padding:1.25em 1em;height:100%;overflow:auto}
+#toc.toc2 #toctitle{margin-top:0;font-size:1.2em}
+#toc.toc2>ul{font-size:.9em;margin-bottom:0}
+#toc.toc2 ul ul{margin-left:0;padding-left:1em}
+#toc.toc2 ul.sectlevel0 ul.sectlevel1{padding-left:0;margin-top:.5em;margin-bottom:.5em}
+body.toc2.toc-right{padding-left:0;padding-right:15em}
+body.toc2.toc-right #toc.toc2{border-right-width:0;border-left:1px solid #efefed;left:auto;right:0}}@media only screen and (min-width:1280px){body.toc2{padding-left:20em;padding-right:0}
+#toc.toc2{width:20em}
+#toc.toc2 #toctitle{font-size:1.375em}
+#toc.toc2>ul{font-size:.95em}
+#toc.toc2 ul ul{padding-left:1.25em}
+body.toc2.toc-right{padding-left:0;padding-right:20em}}#content #toc{border-style:solid;border-width:1px;border-color:#e0e0dc;margin-bottom:1.25em;padding:1.25em;background:#f8f8f7;-webkit-border-radius:4px;border-radius:4px}
+#content #toc>:first-child{margin-top:0}
+#content #toc>:last-child{margin-bottom:0}
+#footer{max-width:100%;background-color:rgba(0,0,0,.8);padding:1.25em}
+#footer-text{color:rgba(255,255,255,.8);line-height:1.44}
+.sect1{padding-bottom:.625em}
+@media only screen and (min-width:768px){.sect1{padding-bottom:1.25em}}.sect1+.sect1{border-top:1px solid #efefed}
+#content h1>a.anchor,h2>a.anchor,h3>a.anchor,#toctitle>a.anchor,.sidebarblock>.content>.title>a.anchor,h4>a.anchor,h5>a.anchor,h6>a.anchor{position:absolute;z-index:1001;width:1.5ex;margin-left:-1.5ex;display:block;text-decoration:none!important;visibility:hidden;text-align:center;font-weight:400}
+#content h1>a.anchor:before,h2>a.anchor:before,h3>a.anchor:before,#toctitle>a.anchor:before,.sidebarblock>.content>.title>a.anchor:before,h4>a.anchor:before,h5>a.anchor:before,h6>a.anchor:before{content:"\00A7";font-size:.85em;display:block;padding-top:.1em}
+#content h1:hover>a.anchor,#content h1>a.anchor:hover,h2:hover>a.anchor,h2>a.anchor:hover,h3:hover>a.anchor,#toctitle:hover>a.anchor,.sidebarblock>.content>.title:hover>a.anchor,h3>a.anchor:hover,#toctitle>a.anchor:hover,.sidebarblock>.content>.title>a.anchor:hover,h4:hover>a.anchor,h4>a.anchor:hover,h5:hover>a.anchor,h5>a.anchor:hover,h6:hover>a.anchor,h6>a.anchor:hover{visibility:visible}
+#content h1>a.link,h2>a.link,h3>a.link,#toctitle>a.link,.sidebarblock>.content>.title>a.link,h4>a.link,h5>a.link,h6>a.link{color:#ba3925;text-decoration:none}
+#content h1>a.link:hover,h2>a.link:hover,h3>a.link:hover,#toctitle>a.link:hover,.sidebarblock>.content>.title>a.link:hover,h4>a.link:hover,h5>a.link:hover,h6>a.link:hover{color:#a53221}
+.audioblock,.imageblock,.literalblock,.listingblock,.stemblock,.videoblock{margin-bottom:1.25em}
+.admonitionblock td.content>.title,.audioblock>.title,.exampleblock>.title,.imageblock>.title,.listingblock>.title,.literalblock>.title,.stemblock>.title,.openblock>.title,.paragraph>.title,.quoteblock>.title,table.tableblock>.title,.verseblock>.title,.videoblock>.title,.dlist>.title,.olist>.title,.ulist>.title,.qlist>.title,.hdlist>.title{text-rendering:optimizeLegibility;text-align:left;font-family:"Noto Serif","DejaVu Serif",serif;font-size:1rem;font-style:italic}
+table.tableblock>caption.title{white-space:nowrap;overflow:visible;max-width:0}
+.paragraph.lead>p,#preamble>.sectionbody>.paragraph:first-of-type p{color:rgba(0,0,0,.85)}
+table.tableblock #preamble>.sectionbody>.paragraph:first-of-type p{font-size:inherit}
+.admonitionblock>table{border-collapse:separate;border:0;background:none;width:100%}
+.admonitionblock>table td.icon{text-align:center;width:80px}
+.admonitionblock>table td.icon img{max-width:none}
+.admonitionblock>table td.icon .title{font-weight:bold;font-family:"Open Sans","DejaVu Sans",sans-serif;text-transform:uppercase}
+.admonitionblock>table td.content{padding-left:1.125em;padding-right:1.25em;border-left:1px solid #ddddd8;color:rgba(0,0,0,.6)}
+.admonitionblock>table td.content>:last-child>:last-child{margin-bottom:0}
+.exampleblock>.content{border-style:solid;border-width:1px;border-color:#e6e6e6;margin-bottom:1.25em;padding:1.25em;background:#fff;-webkit-border-radius:4px;border-radius:4px}
+.exampleblock>.content>:first-child{margin-top:0}
+.exampleblock>.content>:last-child{margin-bottom:0}
+.sidebarblock{border-style:solid;border-width:1px;border-color:#e0e0dc;margin-bottom:1.25em;padding:1.25em;background:#f8f8f7;-webkit-border-radius:4px;border-radius:4px}
+.sidebarblock>:first-child{margin-top:0}
+.sidebarblock>:last-child{margin-bottom:0}
+.sidebarblock>.content>.title{color:#7a2518;margin-top:0;text-align:center}
+.exampleblock>.content>:last-child>:last-child,.exampleblock>.content .olist>ol>li:last-child>:last-child,.exampleblock>.content .ulist>ul>li:last-child>:last-child,.exampleblock>.content .qlist>ol>li:last-child>:last-child,.sidebarblock>.content>:last-child>:last-child,.sidebarblock>.content .olist>ol>li:last-child>:last-child,.sidebarblock>.content .ulist>ul>li:last-child>:last-child,.sidebarblock>.content .qlist>ol>li:last-child>:last-child{margin-bottom:0}
+.literalblock pre,.listingblock pre:not(.highlight),.listingblock pre[class="highlight"],.listingblock pre[class^="highlight "],.listingblock pre.CodeRay,.listingblock pre.prettyprint{background:#f7f7f8}
+.sidebarblock .literalblock pre,.sidebarblock .listingblock pre:not(.highlight),.sidebarblock .listingblock pre[class="highlight"],.sidebarblock .listingblock pre[class^="highlight "],.sidebarblock .listingblock pre.CodeRay,.sidebarblock .listingblock pre.prettyprint{background:#f2f1f1}
+.literalblock pre,.literalblock pre[class],.listingblock pre,.listingblock pre[class]{-webkit-border-radius:4px;border-radius:4px;word-wrap:break-word;padding:1em;font-size:.8125em}
+.literalblock pre.nowrap,.literalblock pre[class].nowrap,.listingblock pre.nowrap,.listingblock pre[class].nowrap{overflow-x:auto;white-space:pre;word-wrap:normal}
+@media only screen and (min-width:768px){.literalblock pre,.literalblock pre[class],.listingblock pre,.listingblock pre[class]{font-size:.90625em}}@media only screen and (min-width:1280px){.literalblock pre,.literalblock pre[class],.listingblock pre,.listingblock pre[class]{font-size:1em}}.literalblock.output pre{color:#f7f7f8;background-color:rgba(0,0,0,.9)}
+.listingblock pre.highlightjs{padding:0}
+.listingblock pre.highlightjs>code{padding:1em;-webkit-border-radius:4px;border-radius:4px}
+.listingblock pre.prettyprint{border-width:0}
+.listingblock>.content{position:relative}
+.listingblock code[data-lang]:before{display:none;content:attr(data-lang);position:absolute;font-size:.75em;top:.425rem;right:.5rem;line-height:1;text-transform:uppercase;color:#999}
+.listingblock:hover code[data-lang]:before{display:block}
+.listingblock.terminal pre .command:before{content:attr(data-prompt);padding-right:.5em;color:#999}
+.listingblock.terminal pre .command:not([data-prompt]):before{content:"$"}
+table.pyhltable{border-collapse:separate;border:0;margin-bottom:0;background:none}
+table.pyhltable td{vertical-align:top;padding-top:0;padding-bottom:0}
+table.pyhltable td.code{padding-left:.75em;padding-right:0}
+pre.pygments .lineno,table.pyhltable td:not(.code){color:#999;padding-left:0;padding-right:.5em;border-right:1px solid #ddddd8}
+pre.pygments .lineno{display:inline-block;margin-right:.25em}
+table.pyhltable .linenodiv{background:none!important;padding-right:0!important}
+.quoteblock{margin:0 1em 1.25em 1.5em;display:table}
+.quoteblock>.title{margin-left:-1.5em;margin-bottom:.75em}
+.quoteblock blockquote,.quoteblock blockquote p{color:rgba(0,0,0,.85);font-size:1.15rem;line-height:1.75;word-spacing:.1em;letter-spacing:0;font-style:italic;text-align:justify}
+.quoteblock blockquote{margin:0;padding:0;border:0}
+.quoteblock blockquote:before{content:"\201c";float:left;font-size:2.75em;font-weight:bold;line-height:.6em;margin-left:-.6em;color:#7a2518;text-shadow:0 1px 2px rgba(0,0,0,.1)}
+.quoteblock blockquote>.paragraph:last-child p{margin-bottom:0}
+.quoteblock .attribution{margin-top:.5em;margin-right:.5ex;text-align:right}
+.quoteblock .quoteblock{margin-left:0;margin-right:0;padding:.5em 0;border-left:3px solid rgba(0,0,0,.6)}
+.quoteblock .quoteblock blockquote{padding:0 0 0 .75em}
+.quoteblock .quoteblock blockquote:before{display:none}
+.verseblock{margin:0 1em 1.25em 1em}
+.verseblock pre{font-family:"Open Sans","DejaVu Sans",sans;font-size:1.15rem;color:rgba(0,0,0,.85);font-weight:300;text-rendering:optimizeLegibility}
+.verseblock pre strong{font-weight:400}
+.verseblock .attribution{margin-top:1.25rem;margin-left:.5ex}
+.quoteblock .attribution,.verseblock .attribution{font-size:.9375em;line-height:1.45;font-style:italic}
+.quoteblock .attribution br,.verseblock .attribution br{display:none}
+.quoteblock .attribution cite,.verseblock .attribution cite{display:block;letter-spacing:-.05em;color:rgba(0,0,0,.6)}
+.quoteblock.abstract{margin:0 0 1.25em 0;display:block}
+.quoteblock.abstract blockquote,.quoteblock.abstract blockquote p{text-align:left;word-spacing:0}
+.quoteblock.abstract blockquote:before,.quoteblock.abstract blockquote p:first-of-type:before{display:none}
+table.tableblock{max-width:100%;border-collapse:separate}
+table.tableblock td>.paragraph:last-child p>p:last-child,table.tableblock th>p:last-child,table.tableblock td>p:last-child{margin-bottom:0}
+table.spread{width:100%}
+table.tableblock,th.tableblock,td.tableblock{border:0 solid #dedede}
+table.grid-all th.tableblock,table.grid-all td.tableblock{border-width:0 1px 1px 0}
+table.grid-all tfoot>tr>th.tableblock,table.grid-all tfoot>tr>td.tableblock{border-width:1px 1px 0 0}
+table.grid-cols th.tableblock,table.grid-cols td.tableblock{border-width:0 1px 0 0}
+table.grid-all *>tr>.tableblock:last-child,table.grid-cols *>tr>.tableblock:last-child{border-right-width:0}
+table.grid-rows th.tableblock,table.grid-rows td.tableblock{border-width:0 0 1px 0}
+table.grid-all tbody>tr:last-child>th.tableblock,table.grid-all tbody>tr:last-child>td.tableblock,table.grid-all thead:last-child>tr>th.tableblock,table.grid-rows tbody>tr:last-child>th.tableblock,table.grid-rows tbody>tr:last-child>td.tableblock,table.grid-rows thead:last-child>tr>th.tableblock{border-bottom-width:0}
+table.grid-rows tfoot>tr>th.tableblock,table.grid-rows tfoot>tr>td.tableblock{border-width:1px 0 0 0}
+table.frame-all{border-width:1px}
+table.frame-sides{border-width:0 1px}
+table.frame-topbot{border-width:1px 0}
+th.halign-left,td.halign-left{text-align:left}
+th.halign-right,td.halign-right{text-align:right}
+th.halign-center,td.halign-center{text-align:center}
+th.valign-top,td.valign-top{vertical-align:top}
+th.valign-bottom,td.valign-bottom{vertical-align:bottom}
+th.valign-middle,td.valign-middle{vertical-align:middle}
+table thead th,table tfoot th{font-weight:bold}
+tbody tr th{display:table-cell;line-height:1.6;background:#f7f8f7}
+tbody tr th,tbody tr th p,tfoot tr th,tfoot tr th p{color:rgba(0,0,0,.8);font-weight:bold}
+p.tableblock>code:only-child{background:none;padding:0}
+p.tableblock{font-size:1em}
+td>div.verse{white-space:pre}
+ol{margin-left:1.75em}
+ul li ol{margin-left:1.5em}
+dl dd{margin-left:1.125em}
+dl dd:last-child,dl dd:last-child>:last-child{margin-bottom:0}
+ol>li p,ul>li p,ul dd,ol dd,.olist .olist,.ulist .ulist,.ulist .olist,.olist .ulist{margin-bottom:.625em}
+ul.unstyled,ol.unnumbered,ul.checklist,ul.none{list-style-type:none}
+ul.unstyled,ol.unnumbered,ul.checklist{margin-left:.625em}
+ul.checklist li>p:first-child>.fa-square-o:first-child,ul.checklist li>p:first-child>.fa-check-square-o:first-child{width:1em;font-size:.85em}
+ul.checklist li>p:first-child>input[type="checkbox"]:first-child{width:1em;position:relative;top:1px}
+ul.inline{margin:0 auto .625em auto;margin-left:-1.375em;margin-right:0;padding:0;list-style:none;overflow:hidden}
+ul.inline>li{list-style:none;float:left;margin-left:1.375em;display:block}
+ul.inline>li>*{display:block}
+.unstyled dl dt{font-weight:400;font-style:normal}
+ol.arabic{list-style-type:decimal}
+ol.decimal{list-style-type:decimal-leading-zero}
+ol.loweralpha{list-style-type:lower-alpha}
+ol.upperalpha{list-style-type:upper-alpha}
+ol.lowerroman{list-style-type:lower-roman}
+ol.upperroman{list-style-type:upper-roman}
+ol.lowergreek{list-style-type:lower-greek}
+.hdlist>table,.colist>table{border:0;background:none}
+.hdlist>table>tbody>tr,.colist>table>tbody>tr{background:none}
+td.hdlist1{padding-right:.75em;font-weight:bold}
+td.hdlist1,td.hdlist2{vertical-align:top}
+.literalblock+.colist,.listingblock+.colist{margin-top:-.5em}
+.colist>table tr>td:first-of-type{padding:0 .75em;line-height:1}
+.colist>table tr>td:last-of-type{padding:.25em 0}
+.thumb,.th{line-height:0;display:inline-block;border:solid 4px #fff;-webkit-box-shadow:0 0 0 1px #ddd;box-shadow:0 0 0 1px #ddd}
+.imageblock.left,.imageblock[style*="float: left"]{margin:.25em .625em 1.25em 0}
+.imageblock.right,.imageblock[style*="float: right"]{margin:.25em 0 1.25em .625em}
+.imageblock>.title{margin-bottom:0}
+.imageblock.thumb,.imageblock.th{border-width:6px}
+.imageblock.thumb>.title,.imageblock.th>.title{padding:0 .125em}
+.image.left,.image.right{margin-top:.25em;margin-bottom:.25em;display:inline-block;line-height:0}
+.image.left{margin-right:.625em}
+.image.right{margin-left:.625em}
+a.image{text-decoration:none}
+span.footnote,span.footnoteref{vertical-align:super;font-size:.875em}
+span.footnote a,span.footnoteref a{text-decoration:none}
+span.footnote a:active,span.footnoteref a:active{text-decoration:underline}
+#footnotes{padding-top:.75em;padding-bottom:.75em;margin-bottom:.625em}
+#footnotes hr{width:20%;min-width:6.25em;margin:-.25em 0 .75em 0;border-width:1px 0 0 0}
+#footnotes .footnote{padding:0 .375em;line-height:1.3;font-size:.875em;margin-left:1.2em;text-indent:-1.2em;margin-bottom:.2em}
+#footnotes .footnote a:first-of-type{font-weight:bold;text-decoration:none}
+#footnotes .footnote:last-of-type{margin-bottom:0}
+#content #footnotes{margin-top:-.625em;margin-bottom:0;padding:.75em 0}
+.gist .file-data>table{border:0;background:#fff;width:100%;margin-bottom:0}
+.gist .file-data>table td.line-data{width:99%}
+div.unbreakable{page-break-inside:avoid}
+.big{font-size:larger}
+.small{font-size:smaller}
+.underline{text-decoration:underline}
+.overline{text-decoration:overline}
+.line-through{text-decoration:line-through}
+.aqua{color:#00bfbf}
+.aqua-background{background-color:#00fafa}
+.black{color:#000}
+.black-background{background-color:#000}
+.blue{color:#0000bf}
+.blue-background{background-color:#0000fa}
+.fuchsia{color:#bf00bf}
+.fuchsia-background{background-color:#fa00fa}
+.gray{color:#606060}
+.gray-background{background-color:#7d7d7d}
+.green{color:#006000}
+.green-background{background-color:#007d00}
+.lime{color:#00bf00}
+.lime-background{background-color:#00fa00}
+.maroon{color:#600000}
+.maroon-background{background-color:#7d0000}
+.navy{color:#000060}
+.navy-background{background-color:#00007d}
+.olive{color:#606000}
+.olive-background{background-color:#7d7d00}
+.purple{color:#600060}
+.purple-background{background-color:#7d007d}
+.red{color:#bf0000}
+.red-background{background-color:#fa0000}
+.silver{color:#909090}
+.silver-background{background-color:#bcbcbc}
+.teal{color:#006060}
+.teal-background{background-color:#007d7d}
+.white{color:#bfbfbf}
+.white-background{background-color:#fafafa}
+.yellow{color:#bfbf00}
+.yellow-background{background-color:#fafa00}
+span.icon>.fa{cursor:default}
+.admonitionblock td.icon [class^="fa icon-"]{font-size:2.5em;text-shadow:1px 1px 2px rgba(0,0,0,.5);cursor:default}
+.admonitionblock td.icon .icon-note:before{content:"\f05a";color:#19407c}
+.admonitionblock td.icon .icon-tip:before{content:"\f0eb";text-shadow:1px 1px 2px rgba(155,155,0,.8);color:#111}
+.admonitionblock td.icon .icon-warning:before{content:"\f071";color:#bf6900}
+.admonitionblock td.icon .icon-caution:before{content:"\f06d";color:#bf3400}
+.admonitionblock td.icon .icon-important:before{content:"\f06a";color:#bf0000}
+.conum[data-value]{display:inline-block;color:#fff!important;background-color:rgba(0,0,0,.8);-webkit-border-radius:100px;border-radius:100px;text-align:center;font-size:.75em;width:1.67em;height:1.67em;line-height:1.67em;font-family:"Open Sans","DejaVu Sans",sans-serif;font-style:normal;font-weight:bold}
+.conum[data-value] *{color:#fff!important}
+.conum[data-value]+b{display:none}
+.conum[data-value]:after{content:attr(data-value)}
+pre .conum[data-value]{position:relative;top:-.125em}
+b.conum *{color:inherit!important}
+.conum:not([data-value]):empty{display:none}
+h1,h2{letter-spacing:-.01em}
+dt,th.tableblock,td.content{text-rendering:optimizeLegibility}
+p,td.content{letter-spacing:-.01em}
+p strong,td.content strong{letter-spacing:-.005em}
+p,blockquote,dt,td.content{font-size:1.0625rem}
+p{margin-bottom:1.25rem}
+.sidebarblock p,.sidebarblock dt,.sidebarblock td.content,p.tableblock{font-size:1em}
+.exampleblock>.content{background-color:#fffef7;border-color:#e0e0dc;-webkit-box-shadow:0 1px 4px #e0e0dc;box-shadow:0 1px 4px #e0e0dc}
+.print-only{display:none!important}
+@media print{@page{margin:1.25cm .75cm}
+*{-webkit-box-shadow:none!important;box-shadow:none!important;text-shadow:none!important}
+a{color:inherit!important;text-decoration:underline!important}
+a.bare,a[href^="#"],a[href^="mailto:"]{text-decoration:none!important}
+a[href^="http:"]:not(.bare):after,a[href^="https:"]:not(.bare):after{content:"(" attr(href) ")";display:inline-block;font-size:.875em;padding-left:.25em}
+abbr[title]:after{content:" (" attr(title) ")"}
+pre,blockquote,tr,img{page-break-inside:avoid}
+thead{display:table-header-group}
+img{max-width:100%!important}
+p,blockquote,dt,td.content{font-size:1em;orphans:3;widows:3}
+h2,h3,#toctitle,.sidebarblock>.content>.title{page-break-after:avoid}
+#toc,.sidebarblock,.exampleblock>.content{background:none!important}
+#toc{border-bottom:1px solid #ddddd8!important;padding-bottom:0!important}
+.sect1{padding-bottom:0!important}
+.sect1+.sect1{border:0!important}
+#header>h1:first-child{margin-top:1.25rem}
+body.book #header{text-align:center}
+body.book #header>h1:first-child{border:0!important;margin:2.5em 0 1em 0}
+body.book #header .details{border:0!important;display:block;padding:0!important}
+body.book #header .details span:first-child{margin-left:0!important}
+body.book #header .details br{display:block}
+body.book #header .details br+span:before{content:none!important}
+body.book #toc{border:0!important;text-align:left!important;padding:0!important;margin:0!important}
+body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-break-before:always}
+.listingblock code[data-lang]:before{display:block}
+#footer{background:none!important;padding:0 .9375em}
+#footer-text{color:rgba(0,0,0,.6)!important;font-size:.9em}
+.hide-on-print{display:none!important}
+.print-only{display:block!important}
+.hide-for-print{display:none!important}
+.show-for-print{display:inherit!important}}
+</style>
+<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
+</head>
+<body class="article">
+<div id="header">
+<h1>Apache NiFi Registry System Administrator’s Guide</h1>
+<div class="details">
+<span id="author" class="author">Apache NiFi Team</span><br>
+<span id="email" class="email"><a href="mailto:dev@nifi.apache.org">dev@nifi.apache.org</a></span><br>
+</div>
+<div id="toc" class="toc">
+<div id="toctitle">Table of Contents</div>
+<ul class="sectlevel1">
+<li><a href="administration-guide.html#system-requirements">System Requirements</a></li>
+<li><a href="administration-guide.html#how-to-install-and-start-nifi-registry">How to install and start NiFi Registry</a></li>
+<li><a href="administration-guide.html#recommended-antivirus-exclusions">Recommended Antivirus Exclusions</a></li>
+<li><a href="administration-guide.html#security_configuration">Security Configuration</a></li>
+<li><a href="administration-guide.html#user_authentication">User Authentication</a>
+<ul class="sectlevel2">
+<li><a href="administration-guide.html#ldap_identity_provider">Lightweight Directory Access Protocol (LDAP)</a></li>
+<li><a href="administration-guide.html#kerberos_identity_provider">Kerberos</a></li>
+</ul>
+</li>
+<li><a href="administration-guide.html#authorization">Authorization</a>
+<ul class="sectlevel2">
+<li><a href="administration-guide.html#authorizer-configuration">Authorizer Configuration</a></li>
+<li><a href="administration-guide.html#authorizers-setup">Authorizers.xml Setup</a></li>
+<li><a href="administration-guide.html#access-policies">Access Policies</a></li>
+</ul>
+</li>
+<li><a href="administration-guide.html#encrypted-passwords-in-configuration-files">Encrypted Passwords in Configuration Files</a>
+<ul class="sectlevel2">
+<li><a href="administration-guide.html#encrypt-config_tool">Encrypt-Config Tool</a></li>
+<li><a href="administration-guide.html#sensitive-property-key-migration">Sensitive Property Key Migration</a></li>
+</ul>
+</li>
+<li><a href="administration-guide.html#bootstrap_properties">Bootstrap Properties</a></li>
+<li><a href="administration-guide.html#proxy_configuration">Proxy Configuration</a></li>
+<li><a href="administration-guide.html#kerberos_service">Kerberos Service</a>
+<ul class="sectlevel2">
+<li><a href="administration-guide.html#kerberos_service_notes">Notes</a></li>
+</ul>
+</li>
+<li><a href="administration-guide.html#system_properties">System Properties</a>
+<ul class="sectlevel2">
+<li><a href="administration-guide.html#web-properties">Web Properties</a></li>
+<li><a href="administration-guide.html#security-properties">Security Properties</a></li>
+<li><a href="administration-guide.html#identity-mapping-properties">Identity Mapping Properties</a></li>
+<li><a href="administration-guide.html#providers-properties">Providers Properties</a></li>
+<li><a href="administration-guide.html#alias-properties">Alias Properties</a></li>
+<li><a href="administration-guide.html#database-properties">Database Properties</a></li>
+<li><a href="administration-guide.html#extension-directories">Extension Directories</a></li>
+<li><a href="administration-guide.html#kerberos_properties">Kerberos Properties</a></li>
+</ul>
+</li>
+<li><a href="administration-guide.html#metadata-database">Metadata Database</a>
+<ul class="sectlevel2">
+<li><a href="administration-guide.html#h2">H2</a></li>
+<li><a href="administration-guide.html#postgres">Postgres</a></li>
+<li><a href="administration-guide.html#mysql">MySQL</a></li>
+</ul>
+</li>
+<li><a href="administration-guide.html#schema-differences-limitations">Schema Differences & Limitations</a></li>
+<li><a href="administration-guide.html#persistence-providers">Persistence Providers</a>
+<ul class="sectlevel2">
+<li><a href="administration-guide.html#flow-persistence-providers">Flow Persistence Providers</a></li>
+<li><a href="administration-guide.html#bundle-persistence-providers">Bundle Persistence Providers</a></li>
+</ul>
+</li>
+<li><a href="administration-guide.html#event-hooks">Event Hooks</a>
+<ul class="sectlevel2">
+<li><a href="administration-guide.html#shared-event-hook-properties">Shared Event Hook Properties</a></li>
+<li><a href="administration-guide.html#scripteventhookprovider">ScriptEventHookProvider</a></li>
+<li><a href="administration-guide.html#loggingeventhookprovider">LoggingEventHookProvider</a></li>
+</ul>
+</li>
+<li><a href="administration-guide.html#url-aliasing">URL Aliasing</a></li>
+<li><a href="administration-guide.html#backup-recovery">Backup & Recovery</a>
+<ul class="sectlevel2">
+<li><a href="administration-guide.html#metadata-database-2">Metadata Database</a></li>
+<li><a href="administration-guide.html#persistence-providers-2">Persistence Providers</a></li>
+<li><a href="administration-guide.html#bundle-persistence">Bundle Persistence</a></li>
+<li><a href="administration-guide.html#configuration-files">Configuration Files</a></li>
+</ul>
+</li>
+</ul>
+</div>
+</div>
+<div id="content">
+<div class="sect1">
+<h2 id="system-requirements"><a class="anchor" href="administration-guide.html#system-requirements"></a>System Requirements</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>NiFi Registry has the following minimum system requirements:</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p>Requires Java Development Kit (JDK) 8, newer than 1.8.0_45</p>
+</li>
+</ul>
+</div>
+<div class="admonitionblock warning">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-warning" title="Warning"></i>
+</td>
+<td class="content">
+When running Registry with only a JRE you may encounter the following error as Flyway (database migration tool) attempts to utilize a resource from the JDK:<br>
+<br>
+ <code>java.lang.RuntimeException: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'flywayInitializer' defined in class path resource [org/springframework/boot/autoconfigure/flyway/FlywayAutoConfiguration$FlywayConfiguration.class]: Invocation of init method failed; nested exception is org.flywaydb.core.api.FlywayException: Validate failed: Detected failed migration to version 1.3 (DropBucketItemNameUniqueness)</code>
+</td>
+</tr>
+</table>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p>Supported Operating Systems:</p>
+<div class="ulist">
+<ul>
+<li>
+<p>Linux</p>
+</li>
+<li>
+<p>Unix</p>
+</li>
+<li>
+<p>Mac OS X</p>
+</li>
+</ul>
+</div>
+</li>
+<li>
+<p>Supported Web Browsers:</p>
+<div class="ulist">
+<ul>
+<li>
+<p>Google Chrome: Current & (Current - 1)</p>
+</li>
+<li>
+<p>Mozilla FireFox: Current & (Current - 1)</p>
+</li>
+<li>
+<p>Safari: Current & (Current - 1)</p>
+</li>
+</ul>
+</div>
+</li>
+</ul>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="how-to-install-and-start-nifi-registry"><a class="anchor" href="administration-guide.html#how-to-install-and-start-nifi-registry"></a>How to install and start NiFi Registry</h2>
+<div class="sectionbody">
+<div class="ulist">
+<ul>
+<li>
+<p>Linux/Unix/OS X</p>
+<div class="ulist">
+<ul>
+<li>
+<p>Decompress and untar into desired installation directory</p>
+</li>
+<li>
+<p>Make any desired edits in files found under <code><installdir>/conf</code></p>
+</li>
+<li>
+<p>From the <code><installdir>/bin</code> directory, execute the following commands by typing <code>./nifi-registry.sh <command></code>:</p>
+<div class="ulist">
+<ul>
+<li>
+<p><code>start</code>: starts NiFi Registry in the background</p>
+</li>
+<li>
+<p><code>stop</code>: stops NiFi Registry that is running in the background</p>
+</li>
+<li>
+<p><code>status</code>: provides the current status of NiFi Registry</p>
+</li>
+<li>
+<p><code>run</code>: runs NiFi Registry in the foreground and waits for a Ctrl-C to initiate shutdown of NiFi Registry</p>
+</li>
+<li>
+<p><code>install</code>: installs NiFi Registry as a service that can then be controlled via</p>
+<div class="ulist">
+<ul>
+<li>
+<p><code>service nifi-registry start</code></p>
+</li>
+<li>
+<p><code>service nifi-registry stop</code></p>
+</li>
+<li>
+<p><code>service nifi-registry status</code></p>
+</li>
+</ul>
+</div>
+</li>
+</ul>
+</div>
+</li>
+</ul>
+</div>
+</li>
+</ul>
+</div>
+<div class="paragraph">
+<p>When NiFi Registry first starts up, the following directories are created:</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p><code>flow_storage</code></p>
+</li>
+<li>
+<p><code>database</code></p>
+</li>
+<li>
+<p><code>work</code></p>
+</li>
+<li>
+<p><code>logs</code></p>
+</li>
+<li>
+<p><code>run</code></p>
+</li>
+</ul>
+</div>
+<div class="paragraph">
+<p>See the <a href="administration-guide.html#system_properties">System Properties</a> section of this guide for more information about NiFi Registry configuration files.</p>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="recommended-antivirus-exclusions"><a class="anchor" href="administration-guide.html#recommended-antivirus-exclusions"></a>Recommended Antivirus Exclusions</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>Antivirus software can take a long time to scan large directories and the numerous files within them. Additionally, if the antivirus software locks files or directories during a scan, those resources are unavailable to NiFi Registry processes, causing latency or unavailability of these resources in a NiFi Registry instance. To prevent these performance and reliability issues from occurring, it is highly recommended to configure your antivirus software to skip scans on the following Ni [...]
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p><code>database</code></p>
+</li>
+<li>
+<p><code>extension_bundles</code></p>
+</li>
+<li>
+<p><code>flow_storage</code></p>
+</li>
+<li>
+<p><code>logs</code></p>
+</li>
+</ul>
+</div>
+<div class="admonitionblock note">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-note" title="Note"></i>
+</td>
+<td class="content">
+The directories listed are generated at startup for a default NiFi Registry installation. Consider your configuration when determining directories to exclude during antivirus scans. For example, if an external database has been setup or if a different flow storage directory is specified in your configuration.
+</td>
+</tr>
+</table>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="security_configuration"><a class="anchor" href="administration-guide.html#security_configuration"></a>Security Configuration</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>NiFi Registry provides several different configuration options for security purposes. The most important properties are those under the
+"security properties" heading in the <em>nifi-registry.properties</em> file. In order to run securely, the following properties must be set:</p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 50%;">
+<col style="width: 50%;">
+</colgroup>
+<thead>
+<tr>
+<th class="tableblock halign-left valign-top">Property Name</th>
+<th class="tableblock halign-left valign-top">Description</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.security.keystore</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Filename of the Keystore that contains the server’s private key.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.security.keystoreType</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The type of Keystore. Must be <code>PKCS12</code> or <code>JKS</code> or <code>BCFKS</code>. JKS is the preferred type, BCFKS and PKCS12 files will be loaded with BouncyCastle provider.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.security.keystorePasswd</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The password for the Keystore.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.security.keyPasswd</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The password for the certificate in the Keystore. If not set, the value of <code>nifi.registry.security.keystorePasswd</code> will be used.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.security.truststore</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Filename of the Truststore that will be used to authorize those connecting to NiFi Registry. A secured instance with no Truststore will refuse all incoming connections.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.security.truststoreType</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The type of the Truststore. Must be <code>PKCS12</code> or <code>JKS</code> or <code>BCFKS</code>. JKS is the preferred type, BCFKS and PKCS12 files will be loaded with BouncyCastle provider.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.security.truststorePasswd</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The password for the Truststore.</p></td>
+</tr>
+</tbody>
+<tfoot>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.security.needClientAuth</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">This specifies that connecting clients must authenticate with a client cert. Setting this to <code>false</code> will specify that connecting clients may optionally authenticate with a client cert, but may also login with a username and password against a configured identity provider. The default value is <code>true</code>.</p></td>
+</tr>
+</tfoot>
+</table>
+<div class="paragraph">
+<p>Once the above properties have been configured, we can enable the User Interface to be accessed over HTTPS instead of HTTP. This is accomplished
+by setting the <code>nifi.registry.web.https.host</code> and <code>nifi.registry.web.https.port</code> properties. The <code>nifi.registry.web.https.host</code> property indicates which hostname the server
+should run on. If it is desired that the HTTPS interface be accessible from all network interfaces, a value of <code>0.0.0.0</code> should be used for <code>nifi.registry.web.https.host</code>.</p>
+</div>
+<div class="admonitionblock note">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-note" title="Note"></i>
+</td>
+<td class="content">
+It is important when enabling HTTPS that the <code>nifi.registry.web.http.port</code> property be unset.
+</td>
+</tr>
+</table>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="user_authentication"><a class="anchor" href="administration-guide.html#user_authentication"></a>User Authentication</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>A secured instance of NiFi Registry cannot be accessed anonymously, so a method of user authentication must be configured.</p>
+</div>
+<div class="admonitionblock note">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-note" title="Note"></i>
+</td>
+<td class="content">
+NiFi Registry does not perform user authentication over HTTP. Using HTTP, all users will have full permissions.
+</td>
+</tr>
+</table>
+</div>
+<div class="paragraph">
+<p>Any secured instance of NiFi Registry supports authentication via client certificates that are trusted by the NiFi Registry’s SSL Context Truststore.
+Alternatively, a secured NiFi Registry can be configured to authenticate users via username/password.</p>
+</div>
+<div class="paragraph">
+<p>Username/password authentication is performed by an 'Identity Provider'. The Identity Provider is a pluggable mechanism for
+authenticating users via their username/password. Which Identity Provider to use is configured in the <em>nifi-registry.properties</em> file.
+Currently NiFi Registry offers Identity Providers for LDAP and Kerberos.</p>
+</div>
+<div class="paragraph">
+<p>Identity Providers are configured using two properties in the <em>nifi-registry.properties</em> file:</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p>The <code>nifi.registry.security.identity.providers.configuration.file</code> property specifies the configuration file where identity providers are defined. By default, the <em>identity-providers.xml</em> file located in the root installation <code>conf</code> directory is selected.</p>
+</li>
+<li>
+<p>The <code>nifi.registry.security.identity.provider</code> property indicates which of the configured identity providers in the <em>identity-providers.xml</em> file to use. By default, this property is not configured meaning that username/password must be explicitly enabled.</p>
+</li>
+</ul>
+</div>
+<div class="admonitionblock note">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-note" title="Note"></i>
+</td>
+<td class="content">
+NiFi Registry can only be configured to use one Identity Provider at a given time.
+</td>
+</tr>
+</table>
+</div>
+<div class="sect2">
+<h3 id="ldap_identity_provider"><a class="anchor" href="administration-guide.html#ldap_identity_provider"></a>Lightweight Directory Access Protocol (LDAP)</h3>
+<div class="paragraph">
+<p>Below is an example and description of configuring a Identity Provider that integrates with a Directory Server to authenticate users.</p>
+</div>
+<div class="paragraph">
+<p>Set the following in <em>nifi-registry.properties</em> to enable LDAP username/password authentication:</p>
+</div>
+<div class="listingblock">
+<div class="content">
+<pre>nifi.registry.security.identity.provider=ldap-identity-provider</pre>
+</div>
+</div>
+<div class="paragraph">
+<p>Modify <em>identity-providers.xml</em> to enable the <code>ldap-identity-provider</code>. Here is the sample provided in the file:</p>
+</div>
+<div class="listingblock">
+<div class="content">
+<pre><provider>
+ <identifier>ldap-identity-provider</identifier>
+ <class>org.apache.nifi.registry.security.ldap.LdapIdentityProvider</class>
+ <property name="Authentication Strategy">START_TLS</property>
+
+ <property name="Manager DN"></property>
+ <property name="Manager Password"></property>
+
+ <property name="TLS - Keystore"></property>
+ <property name="TLS - Keystore Password"></property>
+ <property name="TLS - Keystore Type"></property>
+ <property name="TLS - Truststore"></property>
+ <property name="TLS - Truststore Password"></property>
+ <property name="TLS - Truststore Type"></property>
+ <property name="TLS - Client Auth"></property>
+ <property name="TLS - Protocol"></property>
+ <property name="TLS - Shutdown Gracefully"></property>
+
+ <property name="Referral Strategy">FOLLOW</property>
+ <property name="Connect Timeout">10 secs</property>
+ <property name="Read Timeout">10 secs</property>
+
+ <property name="Url"></property>
+ <property name="User Search Base"></property>
+ <property name="User Search Filter"></property>
+
+ <property name="Identity Strategy">USE_DN</property>
+ <property name="Authentication Expiration">12 hours</property>
+</provider></pre>
+</div>
+</div>
+<div class="paragraph">
+<p>The <code>ldap-identity-provider</code> has the following properties:</p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 50%;">
+<col style="width: 50%;">
+</colgroup>
+<thead>
+<tr>
+<th class="tableblock halign-left valign-top">Property Name</th>
+<th class="tableblock halign-left valign-top">Description</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Authentication Strategy</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">How the connection to the LDAP server is authenticated. Possible values are <code>ANONYMOUS</code>, <code>SIMPLE</code>, <code>LDAPS</code>, or <code>START_TLS</code>.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Manager DN</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The DN of the manager that is used to bind to the LDAP server to search for users.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Manager Password</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The password of the manager that is used to bind to the LDAP server to search for users.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>TLS - Keystore</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Path to the Keystore that is used when connecting to LDAP using LDAPS or START_TLS.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>TLS - Keystore Password</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Password for the Keystore that is used when connecting to LDAP using LDAPS or START_TLS.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>TLS - Keystore Type</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Type of the Keystore that is used when connecting to LDAP using LDAPS or START_TLS (i.e. <code>JKS</code> or <code>PKCS12</code>).</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>TLS - Truststore</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Path to the Truststore that is used when connecting to LDAP using LDAPS or START_TLS.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>TLS - Truststore Password</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Password for the Truststore that is used when connecting to LDAP using LDAPS or START_TLS.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>TLS - Truststore Type</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Type of the Truststore that is used when connecting to LDAP using LDAPS or START_TLS (i.e. <code>JKS</code> or <code>PKCS12</code>).</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>TLS - Client Auth</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Client authentication policy when connecting to LDAP using LDAPS or START_TLS. Possible values are <code>REQUIRED</code>, <code>WANT</code>, <code>NONE</code>.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>TLS - Protocol</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Protocol to use when connecting to LDAP using LDAPS or START_TLS. (i.e. <code>TLS</code>, <code>TLSv1.1</code>, <code>TLSv1.2</code>, etc).</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>TLS - Shutdown Gracefully</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Specifies whether the TLS should be shut down gracefully before the target context is closed. Defaults to <code>false</code>.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Referral Strategy</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Strategy for handling referrals. Possible values are <code>FOLLOW</code>, <code>IGNORE</code>, <code>THROW</code>.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Connect Timeout</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Duration of connect timeout. (i.e. <code>10 secs</code>).</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Read Timeout</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Duration of read timeout. (i.e. <code>10 secs</code>).</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Url</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Space-separated list of URLs of the LDAP servers (i.e. <code>ldap://<hostname>:<port></code>).</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>User Search Base</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Base DN for searching for users (i.e. <code>CN=Users,DC=example,DC=com</code>).</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>User Search Filter</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Filter for searching for users against the <code>User Search Base</code>. (i.e. <code>sAMAccountName={0}</code>). The user specified name is inserted into '{0}'.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Identity Strategy</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Strategy to identify users. Possible values are <code>USE_DN</code> and <code>USE_USERNAME</code>. The default functionality if this property is missing is <code>USE_DN</code> in order to retain backward
+compatibility. <code>USE_DN</code> will use the full DN of the user entry if possible. <code>USE_USERNAME</code> will use the username the user logged in with.</p></td>
+</tr>
+</tbody>
+<tfoot>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Authentication Expiration</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The duration of how long the user authentication is valid for. If the user never logs out, they will be required to log back in following this duration.</p></td>
+</tr>
+</tfoot>
+</table>
+</div>
+<div class="sect2">
+<h3 id="kerberos_identity_provider"><a class="anchor" href="administration-guide.html#kerberos_identity_provider"></a>Kerberos</h3>
+<div class="paragraph">
+<p>Below is an example and description of configuring an Identity Provider that integrates with a Kerberos Key Distribution Center (KDC) to authenticate users.</p>
+</div>
+<div class="paragraph">
+<p>Set the following in <em>nifi-registry.properties</em> to enable Kerberos username/password authentication:</p>
+</div>
+<div class="listingblock">
+<div class="content">
+<pre>nifi.registry.security.user.identity.provider=kerberos-identity-provider</pre>
+</div>
+</div>
+<div class="paragraph">
+<p>Modify <em>identity-providers.xml</em> to enable the <code>kerberos-identity-provider</code>. Here is the sample provided in the file:</p>
+</div>
+<div class="listingblock">
+<div class="content">
+<pre><provider>
+ <identifier>kerberos-identity-provider</identifier>
+ <class>org.apache.nifi.registry.web.security.authentication.kerberos.KerberosIdentityProvider</class>
+ <property name="Default Realm">NIFI.APACHE.ORG</property>
+ <property name="Authentication Expiration">12 hours</property>
+ <property name="Enable Debug">false</property>
+</provider></pre>
+</div>
+</div>
+<div class="paragraph">
+<p>The <code>kerberos-identity-provider</code> has the following properties:</p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 50%;">
+<col style="width: 50%;">
+</colgroup>
+<thead>
+<tr>
+<th class="tableblock halign-left valign-top">Property Name</th>
+<th class="tableblock halign-left valign-top">Description</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Default Realm</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Default realm to provide when user enters incomplete user principal (i.e. <code>NIFI.APACHE.ORG</code>).</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Authentication Expiration</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The duration for which the user authentication is valid. If the user never logs out, they will be required to log back in following this duration.</p></td>
+</tr>
+</tbody>
+<tfoot>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Enable Debug</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Enables debug logging output for the SunJaasKerberosClient used internally by the KerberosIdentityProvider. By default, this is set to <code>false</code>.</p></td>
+</tr>
+</tfoot>
+</table>
+<div class="paragraph">
+<p>See also <a href="administration-guide.html#kerberos_service">Kerberos Service</a> to allow single sign-on access via client Kerberos tickets.</p>
+</div>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="authorization"><a class="anchor" href="administration-guide.html#authorization"></a>Authorization</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>After you have configured NiFi Registry to run securely and with an authentication mechanism, you must configure who has access to the system and their level of access.
+This is done by defining policies that give users and groups permissions to perform a particular action. These policies are defined in an 'authorizer'.</p>
+</div>
+<div class="sect2">
+<h3 id="authorizer-configuration"><a class="anchor" href="administration-guide.html#authorizer-configuration"></a>Authorizer Configuration</h3>
+<div class="paragraph">
+<p>An 'authorizer' manages known users and their access policies. Authorizers are configured using two properties in the <em>nifi-registry.properties</em> file:</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p>The <code>nifi.registry.security.authorizers.configuration.file</code> property specifies the configuration file where authorizers are defined. By default, the <em>authorizers.xml</em> file located in the root installation conf directory is selected.</p>
+</li>
+<li>
+<p>The <code>nifi.registry.security.authorizer</code> property indicates which of the configured authorizers in the <em>authorizers.xml</em> file to use.</p>
+</li>
+</ul>
+</div>
+</div>
+<div class="sect2">
+<h3 id="authorizers-setup"><a class="anchor" href="administration-guide.html#authorizers-setup"></a>Authorizers.xml Setup</h3>
+<div class="paragraph">
+<p>The <em>authorizers.xml</em> file is used to define and configure available authorizers.</p>
+</div>
+<div class="sect3">
+<h4 id="standardmanagedauthorizer"><a class="anchor" href="administration-guide.html#standardmanagedauthorizer"></a>StandardManagedAuthorizer</h4>
+<div class="paragraph">
+<p>The default Authorizer is the StandardManagedAuthorizer, however, you can develop additional Authorizers as extensions. The StandardManagedAuthorizer has the following properties:</p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 50%;">
+<col style="width: 50%;">
+</colgroup>
+<thead>
+<tr>
+<th class="tableblock halign-left valign-top">Property Name</th>
+<th class="tableblock halign-left valign-top">Description</th>
+</tr>
+</thead>
+<tfoot>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Access Policy Provider</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The identifier for an Access Policy Provider defined above.</p></td>
+</tr>
+</tfoot>
+</table>
+<div class="paragraph">
+<p>The managed authorizer is comprised of a UserGroupProvider and a AccessPolicyProvider. The users, group, and access policies will be loaded and optionally configured through these providers. The managed authorizer will make all access decisions based on these provided users, groups, and access policies.</p>
+</div>
+<div class="paragraph">
+<p>During startup there is a check to ensure that there are no two users/groups with the same identity/name. This check is executed regardless of the configured implementation. This is necessary because this is how users/groups are identified and authorized during access decisions.</p>
+</div>
+</div>
+<div class="sect3">
+<h4 id="usergroupprovider"><a class="anchor" href="administration-guide.html#usergroupprovider"></a>UserGroupProvider</h4>
+<div class="sect4">
+<h5 id="fileusergroupprovider"><a class="anchor" href="administration-guide.html#fileusergroupprovider"></a>FileUserGroupProvider</h5>
+<div class="paragraph">
+<p>The default UserGroupProvider is the FileUserGroupProvider, however, you can develop additional UserGroupProviders as extensions. The FileUserGroupProvider has the following properties:</p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 50%;">
+<col style="width: 50%;">
+</colgroup>
+<thead>
+<tr>
+<th class="tableblock halign-left valign-top">Property Name</th>
+<th class="tableblock halign-left valign-top">Description</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Users File</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The file where the FileUserGroupProvider stores users and groups.
+ By default, <em>users.xml</em> in the <code>conf</code> directory is chosen.</p></td>
+</tr>
+</tbody>
+<tfoot>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Initial User Identity</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The identity of a user or system to seed an empty Users File.
+ Multiple Initial User Identity properties can be specified, but the name of each property must be unique, for example: <code>"Initial User Identity A"</code>, <code>"Initial User Identity B"</code>, <code>"Initial User Identity C"</code> or <code>"Initial User Identity 1"</code>, <code>"Initial User Identity 2"</code>, <code>"Initial User Identity 3"</code>.</p></td>
+</tr>
+</tfoot>
+</table>
+<div class="admonitionblock note">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-note" title="Note"></i>
+</td>
+<td class="content">
+Initial User Identities are only created if the specified Users File is missing or empty during NiFi Registry startup. Changes to the configured Initial Users Identities will not take effect if the Users File is populated.
+</td>
+</tr>
+</table>
+</div>
+</div>
+<div class="sect4">
+<h5 id="ldapusergroupprovider"><a class="anchor" href="administration-guide.html#ldapusergroupprovider"></a>LdapUserGroupProvider</h5>
+<div class="paragraph">
+<p>Another option for the UserGroupProvider is the LdapUserGroupProvider. By default, this option is commented out but can be configured in lieu of the FileUserGroupProvider.
+This will sync users and groups from a directory server and will present them in NiFi Registry UI in read only form. The LdapUserGroupProvider has the following properties:</p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 50%;">
+<col style="width: 50%;">
+</colgroup>
+<thead>
+<tr>
+<th class="tableblock halign-left valign-top">Property Name</th>
+<th class="tableblock halign-left valign-top">Description</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Authentication Strategy</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">How the connection to the LDAP server is authenticated. Possible values are <code>ANONYMOUS</code>, <code>SIMPLE</code>, <code>LDAPS</code>, or <code>START_TLS</code>.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Manager DN</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The DN of the manager that is used to bind to the LDAP server to search for users.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Manager Password</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The password of the manager that is used to bind to the LDAP server to search for users.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>TLS - Keystore</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Path to the Keystore that is used when connecting to LDAP using LDAPS or START_TLS.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>TLS - Keystore Password</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Password for the Keystore that is used when connecting to LDAP using LDAPS or START_TLS.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>TLS - Keystore Type</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Type of the Keystore that is used when connecting to LDAP using LDAPS or START_TLS (i.e. <code>JKS</code> or <code>PKCS12</code>).</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>TLS - Truststore</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Path to the Truststore that is used when connecting to LDAP using LDAPS or START_TLS.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>TLS - Truststore Password</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Password for the Truststore that is used when connecting to LDAP using LDAPS or START_TLS.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>TLS - Truststore Type</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Type of the Truststore that is used when connecting to LDAP using LDAPS or START_TLS (i.e. <code>JKS</code> or <code>PKCS12</code>).</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>TLS - Client Auth</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Client authentication policy when connecting to LDAP using LDAPS or START_TLS. Possible values are <code>REQUIRED</code>, <code>WANT</code>, <code>NONE</code>.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>TLS - Protocol</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Protocol to use when connecting to LDAP using LDAPS or START_TLS. (i.e. <code>TLS</code>, <code>TLSv1.1</code>, <code>TLSv1.2</code>, etc).</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>TLS - Shutdown Gracefully</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Specifies whether the TLS should be shut down gracefully before the target context is closed. Defaults to <code>false</code>.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Referral Strategy</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Strategy for handling referrals. Possible values are <code>FOLLOW</code>, <code>IGNORE</code>, <code>THROW</code>.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Connect Timeout</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Duration of connect timeout. (i.e. <code>10 secs</code>).</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Read Timeout</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Duration of read timeout. (i.e. <code>10 secs</code>).</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Url</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Space-separated list of URLs of the LDAP servers (i.e. <code>ldap://<hostname>:<port></code>).</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Page Size</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Sets the page size when retrieving users and groups. If not specified, no paging is performed.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Sync Interval</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Duration of time between syncing users and groups. (i.e. <code>30 mins</code>).</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Group Membership - Enforce Case Sensitivity</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Sets whether group membership decisions are case sensitive. When a user or group is inferred (by not specifying or user or group search base or user identity attribute or group name attribute) case sensitivity is enforced since the value to use for the user identity or group name would be ambiguous. Defaults to false.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>User Search Base</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Base DN for searching for users (i.e. <code>ou=users,o=nifi</code>). Required to search users.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>User Object Class</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Object class for identifying users (i.e. <code>person</code>). Required if searching users.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>User Search Scope</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Search scope for searching users (<code>ONE_LEVEL</code>, <code>OBJECT</code>, or <code>SUBTREE</code>). Required if searching users.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>User Search Filter</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Filter for searching for users against the <code>User Search Base</code> (i.e. <code>(memberof=cn=team1,ou=groups,o=nifi)</code>). Optional.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>User Identity Attribute</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Attribute to use to extract user identity (i.e. <code>cn</code>). Optional. If not set, the entire DN is used.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>User Group Name Attribute</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Attribute to use to define group membership (i.e. <code>memberof</code>). Optional. If not set group membership will not be calculated through the users. Will rely on group membership being defined through <code>Group Member Attribute</code> if set. The value of this property is the name of the attribute in the user LDAP entry that associates them with a group. The value of that user attribute could be a dn or group name [...]
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>User Group Name Attribute - Referenced Group Attribute</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">If blank, the value of the attribute defined in <code>User Group Name Attribute</code> is expected to be the full dn of the group. If not blank, this property will define the attribute of the group LDAP entry that the value of the attribute defined in <code>User Group Name Attribute</code> is referencing (i.e. <code>name</code>). Use of this property requires that <code>Group Search Base</code> is also configured.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Group Search Base</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Base DN for searching for groups (i.e. <code>ou=groups,o=nifi</code>). Required to search groups.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Group Object Class</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Object class for identifying groups (i.e. <code>groupOfNames</code>). Required if searching groups.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Group Search Scope</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Search scope for searching groups (<code>ONE_LEVEL</code>, <code>OBJECT</code>, or <code>SUBTREE</code>). Required if searching groups.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Group Search Filter</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Filter for searching for groups against the <code>Group Search Base</code>. Optional.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Group Name Attribute</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Attribute to use to extract group name (i.e. <code>cn</code>). Optional. If not set, the entire DN is used.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Group Member Attribute</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Attribute to use to define group membership (i.e. <code>member</code>). Optional. If not set group membership will not be calculated through the groups. Will rely on group membership being defined through <code>User Group Name Attribute</code> if set. The value of this property is the name of the attribute in the group LDAP entry that associates them with a user. The value of that group attribute could be a dn or memberU [...]
+</tr>
+</tbody>
+<tfoot>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Group Member Attribute - Referenced User Attribute</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">If blank, the value of the attribute defined in <code>Group Member Attribute</code> is expected to be the full dn of the user. If not blank, this property will define the attribute of the user LDAP entry that the value of the attribute defined in <code>Group Member Attribute</code> is referencing (i.e. <code>uid</code>). Use of this property requires that <code>User Search Base</code> is also configured. (i.e. <code>memb [...]
+</tr>
+</tfoot>
+</table>
+</div>
+<div class="sect4">
+<h5 id="composite-implementations"><a class="anchor" href="administration-guide.html#composite-implementations"></a>Composite Implementations</h5>
+<div class="paragraph">
+<p>Another option for the UserGroupProvider are composite implementations. This means that multiple sources/implementations can be configured and composed. For instance, an admin can configure users/groups to be loaded from a file and a directory server. There are two composite implementations, one that supports multiple UserGroupProviders and one that supports multiple UserGroupProviders and a single configurable UserGroupProvider.</p>
+</div>
+<div class="paragraph">
+<p>The CompositeUserGroupProvider will provide support for retrieving users and groups from multiple sources. The CompositeUserGroupProvider has the following properties:</p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 50%;">
+<col style="width: 50%;">
+</colgroup>
+<thead>
+<tr>
+<th class="tableblock halign-left valign-top">Property Name</th>
+<th class="tableblock halign-left valign-top">Description</th>
+</tr>
+</thead>
+<tfoot>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>User Group Provider</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The identifier of user group providers to load from. The name of each property must be unique, for example: <code>"User Group Provider A"</code>, <code>"User Group Provider B"</code>, <code>"User Group Provider C"</code> or <code>"User Group Provider 1"</code>, <code>"User Group Provider 2"</code>, <code>"User Group Provider 3"</code></p></td>
+</tr>
+</tfoot>
+</table>
+<div class="paragraph">
+<p>The CompositeConfigurableUserGroupProvider will provide support for retrieving users and groups from multiple sources. Additionally, a single configurable user group provider is required. Users from the configurable user group provider are configurable, however users loaded from one of the User Group Provider [unique key] will not be. The CompositeConfigurableUserGroupProvider has the following properties:</p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 50%;">
+<col style="width: 50%;">
+</colgroup>
+<thead>
+<tr>
+<th class="tableblock halign-left valign-top">Property Name</th>
+<th class="tableblock halign-left valign-top">Description</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Configurable User Group Provider</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">A configurable user group provider.</p></td>
+</tr>
+</tbody>
+<tfoot>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>User Group Provider</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The identifier of user group providers to load from. The name of each property must be unique, for example: <code>"User Group Provider A"</code>, <code>"User Group Provider B"</code>, <code>"User Group Provider C"</code> or <code>"User Group Provider 1"</code>, <code>"User Group Provider 2"</code>, <code>"User Group Provider 3"</code></p></td>
+</tr>
+</tfoot>
+</table>
+</div>
+</div>
+<div class="sect3">
+<h4 id="accesspolicyprovider"><a class="anchor" href="administration-guide.html#accesspolicyprovider"></a>AccessPolicyProvider</h4>
+<div class="paragraph">
+<p>After you have configured a UserGroupProvider, you must configure an AccessPolicyProvider that will control Access Policies for the identities in the UserGroupProvider.</p>
+</div>
+<div class="sect4">
+<h5 id="fileaccesspolicyprovider"><a class="anchor" href="administration-guide.html#fileaccesspolicyprovider"></a>FileAccessPolicyProvider</h5>
+<div class="paragraph">
+<p>The default AccessPolicyProvider is the FileAccessPolicyProvider, however, you can develop additional AccessPolicyProvider as extensions. The FileAccessPolicyProvider has the following properties:</p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 50%;">
+<col style="width: 50%;">
+</colgroup>
+<thead>
+<tr>
+<th class="tableblock halign-left valign-top">Property Name</th>
+<th class="tableblock halign-left valign-top">Description</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>User Group Provider</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The identifier for an User Group Provider defined above that will be used to access users and groups for use in the managed access policies.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Authorizations File</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The file where the FileAccessPolicyProvider will store policies. By default, <em>authorizations.xml</em> in the <code>conf</code> directory is chosen.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Initial Admin Identity</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The identity of an initial admin user that will be granted access to the UI and given the ability to create additional users, groups, and policies. For example, a certificate DN, LDAP identity, or Kerberos principal.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>NiFi Identity</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The identity of a NiFi instance/node that will be accessing this registry. Each NiFi Identity will be granted permission to proxy user requests, as well as read any bucket to perform synchronization status checks.</p></td>
+</tr>
+</tbody>
+<tfoot>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>NiFi Group Name</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The name of the group, whose members are NiFi instance/node identities, that will be accessing this registry. The members of this group will be granted permission to proxy user requests, as well as read any bucket to perform synchronization checks.</p></td>
+</tr>
+</tfoot>
+</table>
+<div class="admonitionblock note">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-note" title="Note"></i>
+</td>
+<td class="content">
+The identities configured in the Initial Admin Identity and NiFi Identity properties must be available in the configured User Group Provider. Initial Admin Identity and NiFi Identity properties are only read by NiFi Registry when the Authorizations File is missing or empty on startup in order to seed the initial Authorizations File.
+Changes to the configured Initial Admin Identity and NiFi Identities will not take effect if the Authorizations File is populated.
+</td>
+</tr>
+</table>
+</div>
+</div>
+</div>
+<div class="sect3">
+<h4 id="initial-admin-identity"><a class="anchor" href="administration-guide.html#initial-admin-identity"></a>Initial Admin Identity (New NiFi Registry Instance)</h4>
+<div class="paragraph">
+<p>If you are setting up a secured NiFi Registry instance for the first time, you must manually designate an “Initial Admin Identity” in the <em>authorizers.xml</em> file.
+This initial admin user is granted access to the UI and given the ability to create additional users, groups, and policies.
+The value of this property could be a certificate DN , LDAP identity (DN or username), or a Kerberos principal.
+If you are the NiFi Registry administrator, add yourself as the “Initial Admin Identity”.</p>
+</div>
+<div class="paragraph">
+<p>After you have edited and saved the <em>authorizers.xml</em> file, restart NiFi Registry.
+The <em>users.xml</em> and <em>authorizations.xml</em> files will be created, and the “Initial Admin Identity” user and administrative policies are added during start up.
+Once NiFi Registry starts, the “Initial Admin Identity” user is able to access the UI and begin managing users, groups, and policies.</p>
+</div>
+<div class="admonitionblock note">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-note" title="Note"></i>
+</td>
+<td class="content">
+If initial NiFi identities are not provided, they can be added through the UI at a later time by first creating a user for the given
+NiFi identity, and then giving that user both Proxy permissions and permission to Buckets/READ in order to read all buckets.
+</td>
+</tr>
+</table>
+</div>
+<div class="paragraph">
+<p>Some common use cases are described below.</p>
+</div>
+<div class="sect4">
+<h5 id="file-based-ldap-authentication"><a class="anchor" href="administration-guide.html#file-based-ldap-authentication"></a>File-based (LDAP Authentication)</h5>
+<div class="paragraph">
+<p>Here is an example certificate DN entry using the name John Smith:</p>
+</div>
+<div class="listingblock">
+<div class="content">
+<pre><authorizers>
+
+ <userGroupProvider>
+ <identifier>file-user-group-provider</identifier>
+ <class>org.apache.nifi.registry.security.authorization.file.FileUserGroupProvider</class>
+ <property name="Users File">./conf/users.xml</property>
+ <property name="Legacy Authorized Users File"></property>
+ <property name="Initial User Identity 1">cn=John Smith,ou=people,dc=example,dc=com</property>
+ </userGroupProvider>
+
+ <accessPolicyProvider>
+ <identifier>file-access-policy-provider</identifier>
+ <class>org.apache.nifi.registry.security.authorization.file.FileAccessPolicyProvider</class>
+ <property name="User Group Provider">file-user-group-provider</property>
+ <property name="Authorizations File">./conf/authorizations.xml</property>
+ <property name="Initial Admin Identity">cn=John Smith,ou=people,dc=example,dc=com</property
+ <property name="NiFi Identity 1"></property>
+ </accessPolicyProvider>
+
+ <authorizer>
+ <identifier>managed-authorizer</identifier>
+ <class>org.apache.nifi.registry.security.authorization.StandardManagedAuthorizer</class>
+ <property name="Access Policy Provider">file-access-policy-provider</property>
+ </authorizer>
+</authorizers></pre>
+</div>
+</div>
+</div>
+<div class="sect4">
+<h5 id="file-based-kerberos-authentication"><a class="anchor" href="administration-guide.html#file-based-kerberos-authentication"></a>File-based (Kerberos Authentication)</h5>
+<div class="paragraph">
+<p>Here is an example Kerberos entry using the name John Smith and realm <code>NIFI.APACHE.ORG</code>:</p>
+</div>
+<div class="listingblock">
+<div class="content">
+<pre><authorizers>
+
+ <userGroupProvider>
+ <identifier>file-user-group-provider</identifier>
+ <class>org.apache.nifi.registry.security.authorization.file.FileUserGroupProvider</class>
+ <property name="Users File">./conf/users.xml</property>
+ <property name="Initial User Identity 1">johnsmith@NIFI.APACHE.ORG</property>
+ </userGroupProvider>
+
+ <accessPolicyProvider>
+ <identifier>file-access-policy-provider</identifier>
+ <class>org.apache.nifi.registry.security.authorization.file.FileAccessPolicyProvider</class>
+ <property name="User Group Provider">file-user-group-provider</property>
+ <property name="Authorizations File">./conf/authorizations.xml</property>
+ <property name="Initial Admin Identity">johnsmith@NIFI.APACHE.ORG</property>
+ <property name="NiFi Identity 1"></property>
+ </accessPolicyProvider>
+
+ <authorizer>
+ <identifier>managed-authorizer</identifier>
+ <class>org.apache.nifi.registry.security.authorization.StandardManagedAuthorizer</class>
+ <property name="Access Policy Provider">file-access-policy-provider</property>
+ </authorizer>
+</authorizers></pre>
+</div>
+</div>
+</div>
+<div class="sect4">
+<h5 id="ldap-based-usersgroups-referencing-user-dn"><a class="anchor" href="administration-guide.html#ldap-based-usersgroups-referencing-user-dn"></a>LDAP-based Users/Groups Referencing User DN</h5>
+<div class="paragraph">
+<p>Here is an example loading users and groups from LDAP. Group membership will be driven through the member attribute of each group.
+Authorization will still use file-based access policies.</p>
+</div>
+<div class="paragraph">
+<p>Given the following LDAP entries exist:</p>
+</div>
+<div class="listingblock">
+<div class="content">
+<pre>dn: cn=User 1,ou=users,o=nifi
+objectClass: organizationalPerson
+objectClass: person
+objectClass: inetOrgPerson
+objectClass: top
+cn: User 1
+sn: User1
+uid: user1
+
+dn: cn=User 2,ou=users,o=nifi
+objectClass: organizationalPerson
+objectClass: person
+objectClass: inetOrgPerson
+objectClass: top
+cn: User 2
+sn: User2
+uid: user2
+
+dn: cn=users,ou=groups,o=nifi
+objectClass: groupOfNames
+objectClass: top
+cn: users
+member: cn=User 1,ou=users,o=nifi
+member: cn=User 2,ou=users,o=nifi</pre>
+</div>
+</div>
+<div class="paragraph">
+<p>An Authorizer using an LdapUserGroupProvider would be configured as:</p>
+</div>
+<div class="listingblock">
+<div class="content">
+<pre><authorizers>
+ <userGroupProvider>
+ <identifier>ldap-user-group-provider</identifier>
+ <class>org.apache.nifi.registry.security.ldap.tenants.LdapUserGroupProvider</class>
+ <property name="Authentication Strategy">ANONYMOUS</property>
+
+ <property name="Manager DN"></property>
+ <property name="Manager Password"></property>
+
+ <property name="TLS - Keystore"></property>
+ <property name="TLS - Keystore Password"></property>
+ <property name="TLS - Keystore Type"></property>
+ <property name="TLS - Truststore"></property>
+ <property name="TLS - Truststore Password"></property>
+ <property name="TLS - Truststore Type"></property>
+ <property name="TLS - Client Auth"></property>
+ <property name="TLS - Protocol"></property>
+ <property name="TLS - Shutdown Gracefully"></property>
+
+ <property name="Referral Strategy">FOLLOW</property>
+ <property name="Connect Timeout">10 secs</property>
+ <property name="Read Timeout">10 secs</property>
+
+ <property name="Url">ldap://localhost:10389</property>
+ <property name="Page Size"></property>
+ <property name="Sync Interval">30 mins</property>
+ <property name="Group Membership - Enforce Case Sensitivity">false</property>
+
+ <property name="User Search Base">ou=users,o=nifi</property>
+ <property name="User Object Class">person</property>
+ <property name="User Search Scope">ONE_LEVEL</property>
+ <property name="User Search Filter"></property>
+ <property name="User Identity Attribute">cn</property>
+ <property name="User Group Name Attribute"></property>
+ <property name="User Group Name Attribute - Referenced Group Attribute"></property>
+
+ <property name="Group Search Base">ou=groups,o=nifi</property>
+ <property name="Group Object Class">groupOfNames</property>
+ <property name="Group Search Scope">ONE_LEVEL</property>
+ <property name="Group Search Filter"></property>
+ <property name="Group Name Attribute">cn</property>
+ <property name="Group Member Attribute">member</property>
+ <property name="Group Member Attribute - Referenced User Attribute"></property>
+ </userGroupProvider>
+
+ <accessPolicyProvider>
+ <identifier>file-access-policy-provider</identifier>
+ <class>org.apache.nifi.registry.security.authorization.file.FileAccessPolicyProvider</class>
+ <property name="User Group Provider">ldap-user-group-provider</property>
+ <property name="Authorizations File">./conf/authorizations.xml</property>
+ <property name="Initial Admin Identity">User 1</property>
+ <property name="NiFi Identity 1"></property>
+ </accessPolicyProvider>
+
+ <authorizer>
+ <identifier>managed-authorizer</identifier>
+ <class>org.apache.nifi.registry.security.authorization.StandardManagedAuthorizer</class>
+ <property name="Access Policy Provider">file-access-policy-provider</property>
+ </authorizer>
+</authorizers></pre>
+</div>
+</div>
+<div class="paragraph">
+<p>The <code>Initial Admin Identity</code> value would have loaded from the cn of the User 1 entry based on the <code>User Identity Attribute</code> value.</p>
+</div>
+</div>
+<div class="sect4">
+<h5 id="composite-file-and-ldap-based-usersgroups"><a class="anchor" href="administration-guide.html#composite-file-and-ldap-based-usersgroups"></a>Composite - File and LDAP-based Users/Groups</h5>
+<div class="paragraph">
+<p>Here is an example composite implementation loading users and groups from LDAP and a local file. Group membership will be driven through
+the member attribute of each group. The users from LDAP will be read only while the users loaded from the file will be configurable in UI.</p>
+</div>
+<div class="listingblock">
+<div class="content">
+<pre><authorizers>
+
+ <userGroupProvider>
+ <identifier>file-user-group-provider</identifier>
+ <class>org.apache.nifi.registry.security.authorization.file.FileUserGroupProvider</class>
+ <property name="Users File">./conf/users.xml</property>
+ <property name="Initial User Identity 1">cn=nifi-node1,ou=servers,dc=example,dc=com</property>
+ <property name="Initial User Identity 2">cn=nifi-node2,ou=servers,dc=example,dc=com</property>
+ </userGroupProvider>
+
+ <userGroupProvider>
+ <identifier>ldap-user-group-provider</identifier>
+ <class>org.apache.nifi.registry.security.ldap.tenants.LdapUserGroupProvider</class>
+ <property name="Authentication Strategy">ANONYMOUS</property>
+
+ <property name="Manager DN"></property>
+ <property name="Manager Password"></property>
+
+ <property name="TLS - Keystore"></property>
+ <property name="TLS - Keystore Password"></property>
+ <property name="TLS - Keystore Type"></property>
+ <property name="TLS - Truststore"></property>
+ <property name="TLS - Truststore Password"></property>
+ <property name="TLS - Truststore Type"></property>
+ <property name="TLS - Client Auth"></property>
+ <property name="TLS - Protocol"></property>
+ <property name="TLS - Shutdown Gracefully"></property>
+
+ <property name="Referral Strategy">FOLLOW</property>
+ <property name="Connect Timeout">10 secs</property>
+ <property name="Read Timeout">10 secs</property>
+
+ <property name="Url">ldap://localhost:10389</property>
+ <property name="Page Size"></property>
+ <property name="Sync Interval">30 mins</property>
+ <property name="Group Membership - Enforce Case Sensitivity">false</property>
+
+ <property name="User Search Base">ou=users,o=nifi</property>
+ <property name="User Object Class">person</property>
+ <property name="User Search Scope">ONE_LEVEL</property>
+ <property name="User Search Filter"></property>
+ <property name="User Identity Attribute">cn</property>
+ <property name="User Group Name Attribute"></property>
+ <property name="User Group Name Attribute - Referenced Group Attribute"></property>
+
+ <property name="Group Search Base">ou=groups,o=nifi</property>
+ <property name="Group Object Class">groupOfNames</property>
+ <property name="Group Search Scope">ONE_LEVEL</property>
+ <property name="Group Search Filter"></property>
+ <property name="Group Name Attribute">cn</property>
+ <property name="Group Member Attribute">member</property>
+ <property name="Group Member Attribute - Referenced User Attribute"></property>
+ </userGroupProvider>
+
+ <userGroupProvider>
+ <identifier>composite-user-group-provider</identifier>
+ <class>org.apache.nifi.registry.security.authorization.CompositeUserGroupProvider</class>
+ <property name="User Group Provider 1">file-user-group-provider</property>
+ <property name="User Group Provider 2">ldap-user-group-provider</property>
+ </userGroupProvider>
+
+ <accessPolicyProvider>
+ <identifier>file-access-policy-provider</identifier>
+ <class>org.apache.nifi.registry.security.authorization.file.FileAccessPolicyProvider</class>
+ <property name="User Group Provider">composite-user-group-provider</property>
+ <property name="Authorizations File">./conf/authorizations.xml</property>
+ <property name="Initial Admin Identity">User 1/property>
+ <property name="NiFi Identity 1">cn=nifi-node1,ou=servers,dc=example,dc=com</property>
+ <property name="NiFi Identity 2">cn=nifi-node2,ou=servers,dc=example,dc=com</property>
+ </accessPolicyProvider>
+
+ <authorizer>
+ <identifier>managed-authorizer</identifier>
+ <class>org.apache.nifi.registry.security.authorization.StandardManagedAuthorizer</class>
+ <property name="Access Policy Provider">file-access-policy-provider</property>
+ </authorizer>
+</authorizers></pre>
+</div>
+</div>
+<div class="paragraph">
+<p>In this example, the users and groups are loaded from LDAP but the servers are managed in a local file. The <code>Initial Admin Identity</code> value came
+from an attribute in a LDAP entry based on the <code>User Identity Attribute</code>. The <code>NiFi Identity</code> values are established in the local file using the
+<code>Initial User Identity</code> properties.</p>
+</div>
+</div>
+</div>
+</div>
+<div class="sect2">
+<h3 id="access-policies"><a class="anchor" href="administration-guide.html#access-policies"></a>Access Policies</h3>
+<div class="paragraph">
+<p>You can manage the ability for users and groups to view or modify NiFi Registry resources using 'access policies'. Access policies can be created to control access to buckets, as well as to grant special privileges to users for managing a NiFi Registry instance.</p>
+</div>
+<div class="sect3">
+<h4 id="bucket-policies"><a class="anchor" href="administration-guide.html#bucket-policies"></a>Bucket Policies</h4>
+<div class="paragraph">
+<p>Bucket policies govern the following bucket level authorizations:</p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 33.3333%;">
+<col style="width: 33.3333%;">
+<col style="width: 33.3334%;">
+</colgroup>
+<thead>
+<tr>
+<th class="tableblock halign-left valign-top">Policy</th>
+<th class="tableblock halign-left valign-top">Privilege</th>
+<th class="tableblock halign-left valign-top">Resource Descriptor</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Read Bucket</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Allows users to read items in the bucket</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>resource="/buckets/<bucket-UUID>" action="R"</code></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Write Bucket</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Allows users to write items to the bucket</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>resource="/buckets/<bucket-UUID>" action="W"</code></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Delete Bucket</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Allows users to delete the bucket</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>resource="/buckets/<bucket-UUID>" action="D"</code></p></td>
+</tr>
+</tbody>
+</table>
+</div>
+<div class="sect3">
+<h4 id="special-privilege-policies"><a class="anchor" href="administration-guide.html#special-privilege-policies"></a>Special Privilege Policies</h4>
+<div class="paragraph">
+<p>Special privilege policies govern the following system level authorizations:</p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 33.3333%;">
+<col style="width: 33.3333%;">
+<col style="width: 33.3334%;">
+</colgroup>
+<thead>
+<tr>
+<th class="tableblock halign-left valign-top">Policy</th>
+<th class="tableblock halign-left valign-top">Privilege</th>
+<th class="tableblock halign-left valign-top">Resource Descriptor</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Can Manage Buckets (Read)</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Allows users to read from all buckets</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>resource="/buckets" action="R"</code></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Can Manage Buckets (Write)</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Allows users to write to all buckets</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>resource="/buckets" action="W"</code></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Can Manage Buckets (Delete)</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Allows users to delete all buckets</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>resource="/buckets" action="D"</code></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Can Manage Users (Read)</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Allows users to view users</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>resource="/tenants" action="R"</code></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Can Manage Users (Write)</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Allows users to create and modify users</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>resource="/tenants" action="W"</code></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Can Manage Users (Delete)</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Allows users to delete users</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>resource="/tenants" action="D"</code></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Can Manage Policies (Read)</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Allows users to view policies</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>resource="/policies" action="R"</code></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Can Manage Policies (Write)</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Allows users to create and modify policies</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>resource="/policies" action="W"</code></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Can Manage Policies (Delete)</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Allows users to delete policies</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>resource="/policies" action="D"</code></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Can Proxy Requests (Read)</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Allows users to proxy read requests (GET)</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>resource="/proxy" action="R"</code></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Can Proxy Requests (Write)</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Allows users to proxy write requests (POST, PUT, PATCH)</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>resource="/proxy" action="W"</code></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Can Proxy Requests (Delete)</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Allows users to proxy delete requests (DELETE)</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>resource="/proxy" action="D"</code></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">View Swagger</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Allows users to access the self-hosted Swagger UI</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>resource="/swagger" action="R"</code></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">View Actuator</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Allows users to access the Spring Boot Actuator end-points</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>resource="/actuator" action="R"</code></p></td>
+</tr>
+</tbody>
+</table>
+</div>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="encrypted-passwords-in-configuration-files"><a class="anchor" href="administration-guide.html#encrypted-passwords-in-configuration-files"></a>Encrypted Passwords in Configuration Files</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>In order to facilitate the secure setup of NiFi Registry, you can use the <code>encrypt-config</code> command line utility to encrypt raw configuration values
+that NiFi Registry decrypts in memory on startup. This extensible protection scheme transparently allows NiFi Registry to use raw values in operation,
+while protecting them at rest. In the future, hardware security modules (HSM) and external secure storage mechanisms will be integrated, but for now,
+an AES encryption provider is the default implementation.</p>
+</div>
+<div class="paragraph">
+<p>If no administrator action is taken, the configuration values remain unencrypted.</p>
+</div>
+<div class="admonitionblock note">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-note" title="Note"></i>
+</td>
+<td class="content">
+The <code>encrypt-config</code> tool for NiFi Registry is implemented as an additional mode to the existing tool in the <code>nifi-toolkit</code>. The following sections
+assume you have downloaded the binary for the nifi-toolkit.
+</td>
+</tr>
+</table>
+</div>
+<div class="sect2">
+<h3 id="encrypt-config_tool"><a class="anchor" href="administration-guide.html#encrypt-config_tool"></a>Encrypt-Config Tool</h3>
+<div class="paragraph">
+<p>The <code>encrypt-config</code> command line tool can be used to encrypt NiFi Registry configuration by invoking the tool with the following command:</p>
+</div>
+<div class="listingblock">
+<div class="content">
+<pre>./bin/encrypt-config --nifiRegistry [options]</pre>
+</div>
+</div>
+<div class="paragraph">
+<p>You can use the following command line options with the <code>encrypt-config</code> tool:</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p><code>-h</code>,<code>--help</code> Show usage information (this message)</p>
+</li>
+<li>
+<p><code>-v</code>,<code>--verbose</code> Sets verbose mode (default false)</p>
+</li>
+<li>
+<p><code>-p</code>,<code>--password <password></code> Protect the files using a password-derived key. If an argument is not provided to this flag, interactive mode will be triggered to prompt the user to enter the password.</p>
+</li>
+<li>
+<p><code>-k</code>,<code>--key <keyhex></code> Protect the files using a raw hexadecimal key. If an argument is not provided to this flag, interactive mode will be triggered to prompt the user to enter the key.</p>
+</li>
+<li>
+<p><code>--oldPassword <password></code> If the input files are already protected using a password-derived key, this specifies the old password so that the files can be unprotected before re-protecting.</p>
+</li>
+<li>
+<p><code>--oldKey <keyhex></code> If the input files are already protected using a key, this specifies the raw hexadecimal key so that the files can be unprotected before re-protecting.</p>
+</li>
+<li>
+<p><code>-b</code>,<code>--bootstrapConf <file></code> The <em>bootstrap.conf</em> file containing no root key or an existing root key. If a new password or key is specified (using <code>-p</code> or <code>-k</code>) and no output <em>bootstrap.conf</em> file is specified, then this file will be overwritten to persist the new root key.</p>
+</li>
+<li>
+<p><code>-B</code>,<code>--outputBootstrapConf <file></code> The destination <em>bootstrap.conf</em> file to persist root key. If specified, the input <em>bootstrap.conf</em> will not be modified.</p>
+</li>
+<li>
+<p><code>-r</code>,<code>--nifiRegistryProperties <file></code> The <em>nifi-registry.properties</em> file containing unprotected config values, overwritten if no output file specified.</p>
+</li>
+<li>
+<p><code>-R</code>,<code>--outputNifiRegistryProperties <file></code> The destination <em>nifi-registry.properties</em> file containing protected config values.</p>
+</li>
+<li>
+<p><code>-a</code>,<code>--authorizersXml <file></code> The <em>authorizers.xml</em> file containing unprotected config values, overwritten if no output file specified.</p>
+</li>
+<li>
+<p><code>-A</code>,<code>--outputAuthorizersXml <file></code> The destination <em>authorizers.xml</em> file containing protected config values.</p>
+</li>
+<li>
+<p><code>-i</code>,<code>--identityProvidersXml <file></code> The <em>identity-providers.xml</em> file containing unprotected config values, overwritten if no output file specified.</p>
+</li>
+<li>
+<p><code>-I</code>,<code>--outputIdentityProvidersXml <file></code> The destination <em>identity-providers.xml</em> file containing protected config values.</p>
+</li>
+<li>
+<p><code>--decrypt</code> Can be used with <code>-r</code> to decrypt a previously encrypted NiFi Registry Properties file. Decrypted content is printed to STDOUT.</p>
+</li>
+</ul>
+</div>
+<div class="paragraph">
+<p>As an example of how the tool works, assume that you have installed the tool on a machine supporting 256-bit encryption and with the following existing values in the <em>nifi-registry.properties</em> file:</p>
+</div>
+<div class="listingblock">
+<div class="content">
+<pre># security properties #
+nifi.registry.security.keystore=/path/to/keystore.jks
+nifi.registry.security.keystoreType=JKS
+nifi.registry.security.keystorePasswd=thisIsABadKeystorePassword
+nifi.registry.security.keyPasswd=thisIsABadKeyPassword
+nifi.registry.security.truststore=
+nifi.registry.security.truststoreType=
+nifi.registry.security.truststorePasswd=</pre>
+</div>
+</div>
+<div class="paragraph">
+<p>Enter the following arguments when using the tool:</p>
+</div>
+<div class="listingblock">
+<div class="content">
+<pre>./bin/encrypt-config.sh --nifiRegistry \
+-b bootstrap.conf \
+-k 0123456789ABCDEFFEDCBA98765432100123456789ABCDEFFEDCBA9876543210 \
+-r nifi-registry.properties</pre>
+</div>
+</div>
+<div class="paragraph">
+<p>As a result, the <em>nifi-registry.properties</em> file is overwritten with protected properties and sibling encryption identifiers (<code>aes/gcm/256</code>, the currently supported algorithm):</p>
+</div>
+<div class="listingblock">
+<div class="content">
+<pre># security properties #
+nifi.registry.security.keystore=/path/to/keystore.jks
+nifi.registry.security.keystoreType=JKS
+nifi.registry.security.keystorePasswd=oBjT92hIGRElIGOh||MZ6uYuWNBrOA6usq/Jt3DaD2e4otNirZDytac/w/KFe0HOkrJR03vcbo
+nifi.registry.security.keystorePasswd.protected=aes/gcm/256
+nifi.registry.security.keyPasswd=ac/BaE35SL/esLiJ||+ULRvRLYdIDA2VqpE0eQXDEMjaLBMG2kbKOdOwBk/hGebDKlVg==
+nifi.registry.security.keyPasswd.protected=aes/gcm/256
+nifi.registry.security.truststore=
+nifi.registry.security.truststoreType=
+nifi.registry.security.truststorePasswd=</pre>
+</div>
+</div>
+<div class="paragraph">
+<p>When applied to <em>identity-providers.xml</em> or <em>authorizers.xml</em>, the property elements are updated with an <code>encryption</code> attribute. For example:</p>
+</div>
+<div class="listingblock">
+<div class="content">
+<pre><!-- LDAP Provider -->
+<provider>
+ <identifier>ldap-provider</identifier>
+ <class>org.apache.nifi.registry.security.ldap.LdapProvider</class>
+ <property name="Authentication Strategy">START_TLS</property>
+ <property name="Manager DN">someuser</property>
+ <property name="Manager Password" encryption="aes/gcm/128">q4r7WIgN0MaxdAKM||SGgdCTPGSFEcuH4RraMYEdeyVbOx93abdWTVSWvh1w+klA</property>
+ <property name="TLS - Keystore">/path/to/keystore.jks</property>
+ <property name="TLS - Keystore Password" encryption="aes/gcm/128">Uah59TWX+Ru5GY5p||B44RT/LJtC08QWA5ehQf01JxIpf0qSJUzug25UwkF5a50g</property>
+ <property name="TLS - Keystore Type">JKS</property>
+ ...
+</provider></pre>
+</div>
+</div>
+<div class="paragraph">
+<p>Additionally, the <em>bootstrap.conf</em> file is updated with the encryption key as follows:</p>
+</div>
+<div class="listingblock">
+<div class="content">
+<pre># Root key in hexadecimal format for encrypted sensitive configuration values
+nifi.registry.bootstrap.sensitive.key=0123456789ABCDEFFEDCBA98765432100123456789ABCDEFFEDCBA9876543210</pre>
+</div>
+</div>
+<div class="paragraph">
+<p>Sensitive configuration values are encrypted by the tool by default, however you can encrypt any additional properties, if desired.
+To encrypt additional properties, specify them as comma-separated values in the <code>nifi.registry.sensitive.props.additional.keys</code> property.</p>
+</div>
+<div class="paragraph">
+<p>If the <em>nifi-registry.properties</em> file already has valid protected values and you wish to protect additional values using the
+same root key already present in your <em>bootstrap.conf</em>, then run the tool without specifying a new key:</p>
+</div>
+<div class="listingblock">
+<div class="content">
+<pre># bootstrap.conf already contains root key property
+# nifi-registy.properties has been updated for nifi.registry.sensitive.props.additional.keys=...
+
+./bin/encrypt-config.sh --nifiRegistry -b bootstrap.conf -r nifi-registry.properties</pre>
+</div>
+</div>
+</div>
+<div class="sect2">
+<h3 id="sensitive-property-key-migration"><a class="anchor" href="administration-guide.html#sensitive-property-key-migration"></a>Sensitive Property Key Migration</h3>
+<div class="paragraph">
+<p>In order to change the key used to encrypt the sensitive values, provide the new key or password using the <code>-k</code> or <code>-p</code> flags as usual,
+and provide the existing key or password using <code>--old-key</code> or <code>--old-password</code> respectively. This will allow the toolkit to decrypt the
+existing values and re-encrypt them, and update <em>bootstrap.conf</em> with the new key. Only one of the key or password needs to be specified
+for each phase (old vs. new), and any combination is sufficient:</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p>old key → new key</p>
+</li>
+<li>
+<p>old key → new password</p>
+</li>
+<li>
+<p>old password → new key</p>
+</li>
+<li>
+<p>old password → new password</p>
+</li>
+</ul>
+</div>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="bootstrap_properties"><a class="anchor" href="administration-guide.html#bootstrap_properties"></a>Bootstrap Properties</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>The <em>bootstrap.conf</em> file in the <code>conf</code> directory allows users to configure settings for how NiFi Registry should be started. This includes parameters, such as the size of the Java Heap, what Java command to run, and Java System Properties.</p>
+</div>
+<div class="paragraph">
+<p>Here, we will address the different properties that are made available in the file. Any changes to this file will take effect only after NiFi Registry has been stopped and restarted.</p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 50%;">
+<col style="width: 50%;">
+</colgroup>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Property</strong></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Description</strong></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>java</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Specifies the fully qualified java command to run. By default, it is simply <code>java</code> but could be changed to an absolute path or a reference an environment variable, such as <code>$JAVA_HOME/bin/java</code></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>run.as</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The username to run NiFi Registry as. For instance, if NiFi Registry should be run as the <code>nifi_registry</code> user, setting this value to <code>nifi_registry</code> will cause the NiFi Registry Process to be run as the <code>nifi_registry</code> user. This property is ignored on Windows. For Linux, the specified user may require sudo permissions.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>lib.dir</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The <em>lib</em> directory to use for NiFi Registry. By default, this is set to <code>./lib</code></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>conf.dir</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The <code>conf</code> directory to use for NiFi Registry. By default, this is set to <code>./conf</code></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>graceful.shutdown.seconds</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">When NiFi Registry is instructed to shutdown, the Bootstrap will wait this number of seconds for the process to shutdown cleanly. At this amount of time, if the service is still running, the Bootstrap will <code>kill</code> the process, or terminate it abruptly. By default, this is set to <code>20</code>.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>java.arg.N</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Any number of JVM arguments can be passed to the NiFi Registry JVM when the process is started. These arguments are defined by adding properties to <em>bootstrap.conf</em> that begin with <code>java.arg.</code>. The rest of the property name is not relevant, other than to different property names, and will be ignored. The default includes properties for minimum and maximum Java Heap size, the garbage collector to use, et [...]
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.bootstrap.sensitive.key</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The root key (in hexadecimal format) for encrypted sensitive configuration values. When NiFi Registry is started, this root key is used to decrypt sensitive values from the <em>nifi-registry.properties</em> file into memory for later use.</p>
+<p class="tableblock">The <a href="administration-guide.html#encrypt-config_tool">Encrypt-Config Tool</a> can be used to specify the root key, encrypt sensitive values in <em>nifi-registry.properties</em> and update <em>bootstrap.conf</em>.</p></td>
+</tr>
+</tbody>
+</table>
+</div>
+</div>
+<div class="sect1">
+<h2 id="proxy_configuration"><a class="anchor" href="administration-guide.html#proxy_configuration"></a>Proxy Configuration</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>When running Apache NiFi Registry behind a proxy there are a couple of key items to be aware of during deployment.</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p>NiFi Registry is comprised of a number of web applications (web UI, web API, documentation), so the mapping needs to be configured for the <strong>root path</strong>.
+That way all context paths are passed through accordingly.</p>
+</li>
+<li>
+<p>If NiFi Registry is running securely, any proxy needs to be authorized to proxy user requests. These can be configured in the NiFi Registry UI through the
+Users administration section, by selecting 'Proxy' for the given user. Once these permissions are in place, proxies can begin proxying user requests.
+The end user identity must be relayed in a HTTP header. For example, if the end user sent a request to the proxy, the proxy must authenticate the user. Following
+this the proxy can send the request to NiFi Registry. In this request an HTTP header should be added as follows.</p>
+</li>
+</ul>
+</div>
+<div class="literalblock">
+<div class="content">
+<pre>X-ProxiedEntitiesChain: <end-user-identity></pre>
+</div>
+</div>
+<div class="paragraph">
+<p>If the proxy is configured to send to another proxy, the request to NiFi Registry from the second proxy should contain a header as follows.</p>
+</div>
+<div class="literalblock">
+<div class="content">
+<pre>X-ProxiedEntitiesChain: <end-user-identity><proxy-1-identity></pre>
+</div>
+</div>
+<div class="paragraph">
+<p>An example Apache proxy configuration that sets the required properties may look like the following. Complete proxy configuration is outside of the scope of this document.
+Please refer to the documentation of the proxy for guidance with your deployment environment and use case.</p>
+</div>
+<div class="literalblock">
+<div class="content">
+<pre>...
+<Location "/my-nifi">
+ ...
+ SSLEngine On
+ SSLCertificateFile /path/to/proxy/certificate.crt
+ SSLCertificateKeyFile /path/to/proxy/key.key
+ SSLCACertificateFile /path/to/ca/certificate.crt
+ SSLVerifyClient require
+ RequestHeader add X-ProxyScheme "https"
+ RequestHeader add X-ProxyHost "proxy-host"
+ RequestHeader add X-ProxyPort "443"
+ RequestHeader add X-ProxyContextPath "/my-nifi-registry"
+ RequestHeader add X-ProxiedEntitiesChain "<%{SSL_CLIENT_S_DN}>"
+ ProxyPass https://nifi-registry-host:8443
+ ProxyPassReverse https://nifi-registry-host:8443
+ ...
+</Location>
+...</pre>
+</div>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="kerberos_service"><a class="anchor" href="administration-guide.html#kerberos_service"></a>Kerberos Service</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>NiFi Registry can be configured to use Kerberos SPNEGO (or "Kerberos Service") for authentication. In this scenario, users will hit the REST endpoint <code>/access/token/kerberos</code>
+and the server will respond with a <code>401</code> status code and the challenge response header <code>WWW-Authenticate: Negotiate</code>. This communicates to the browser to use the GSS-API
+and load the user’s Kerberos ticket and provide it as a Base64-encoded header value in the subsequent request. It will be of the form <code>Authorization: Negotiate YII…​</code>.
+NiFi Registry will attempt to validate this ticket with the KDC. If it is successful, the user’s <em>principal</em> will be returned as the identity, and the flow will follow
+login/credential authentication, in that a JWT will be issued in the response to prevent the unnecessary overhead of Kerberos authentication on every subsequent request.
+If the ticket cannot be validated, it will return with the appropriate error response code. The user will then be able to provide their Kerberos credentials to the login
+form if the <code>KerberosIdentityProvider</code> has been configured. See <a href="administration-guide.html#kerberos_identity_provider">Kerberos Identity Provider</a> for more details.</p>
+</div>
+<div class="paragraph">
+<p>NiFi Registry will only respond to Kerberos SPNEGO negotiation over an HTTPS connection, as unsecured requests are never authenticated.</p>
+</div>
+<div class="paragraph">
+<p>See <a href="administration-guide.html#kerberos_properties">Kerberos Properties</a> for complete documentation.</p>
+</div>
+<div class="sect2">
+<h3 id="kerberos_service_notes"><a class="anchor" href="administration-guide.html#kerberos_service_notes"></a>Notes</h3>
+<div class="ulist">
+<ul>
+<li>
+<p>Kerberos is case-sensitive in many places and the error messages (or lack thereof) may not be sufficiently explanatory.
+Check the case sensitivity of the service principal in your configuration files. The convention is <code>HTTP/fully.qualified.domain@REALM</code>.</p>
+</li>
+<li>
+<p>Browsers have varying levels of restriction when dealing with SPNEGO negotiations.
+Some will provide the local Kerberos ticket to any domain that requests it, while others whitelist the trusted domains. See <a href="https://docs.spring.io/autorepo/docs/spring-security-kerberos/1.0.2.BUILD-SNAPSHOT/reference/htmlsingle/#browserspnegoconfig" target="_blank" rel="noopener">Spring Security Kerberos - Reference Documentation: Appendix E. Configure browsers for SPNEGO Negotiation</a> for common browsers.</p>
+</li>
+<li>
+<p>Some browsers (legacy IE) do not support recent encryption algorithms such as AES, and are restricted to legacy algorithms (DES). This should be noted when generating keytabs.</p>
+</li>
+<li>
+<p>The KDC must be configured and a service principal defined for NiFi and a keytab exported. Comprehensive instructions for Kerberos server configuration and administration are beyond the scope of this document (see <a href="https://web.mit.edu/kerberos/krb5-current/doc/admin/index.html" target="_blank" rel="noopener">MIT Kerberos Admin Guide</a>), but an example is below.</p>
+</li>
+<li>
+<p>Kerberos tickets may use AES encryption with keys up to 256-bits in length, and therefore unlimited strength encryption policies may be required for the Jave Runtime Environment (JRE) used for NiFi Registry when Kerberos SPNEGO is configured.</p>
+</li>
+</ul>
+</div>
+<div class="paragraph">
+<p>Adding a service principal for a server at <code>nifi.nifi.apache.org</code> and exporting the keytab from the KDC:</p>
+</div>
+<div class="literalblock">
+<div class="content">
+<pre>root@kdc:/etc/krb5kdc# kadmin.local
+Authenticating as principal admin/admin@NIFI.APACHE.ORG with password.
+kadmin.local: listprincs
+K/M@NIFI.APACHE.ORG
+admin/admin@NIFI.APACHE.ORG
+...
+kadmin.local: addprinc -randkey HTTP/nifi.nifi.apache.org
+WARNING: no policy specified for HTTP/nifi.nifi.apache.org@NIFI.APACHE.ORG; defaulting to no policy
+Principal "HTTP/nifi.nifi.apache.org@NIFI.APACHE.ORG" created.
+kadmin.local: ktadd -k /http-nifi.keytab HTTP/nifi.nifi.apache.org
+Entry for principal HTTP/nifi.nifi.apache.org with kvno 2, encryption type des3-cbc-sha1 added to keytab WRFILE:/http-nifi.keytab.
+Entry for principal HTTP/nifi.nifi.apache.org with kvno 2, encryption type des-cbc-crc added to keytab WRFILE:/http-nifi.keytab.
+kadmin.local: listprincs
+HTTP/nifi.nifi.apache.org@NIFI.APACHE.ORG
+K/M@NIFI.APACHE.ORG
+admin/admin@NIFI.APACHE.ORG
+...
+kadmin.local: q
+root@kdc:~# ll /http*
+-rw------- 1 root root 162 Mar 14 21:43 /http-nifi.keytab
+root@kdc:~#</pre>
+</div>
+</div>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="system_properties"><a class="anchor" href="administration-guide.html#system_properties"></a>System Properties</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>The <em>nifi-registry.properties</em> file in the <code>conf</code> directory is the main configuration file for controlling how NiFi Registry runs. This section
+provides an overview of the properties in this file and includes some notes on how to configure it in a way that will make upgrading easier.
+<strong>After making changes to this file, restart NiFi Registry in order for the changes to take effect.</strong></p>
+</div>
+<div class="admonitionblock note">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-note" title="Note"></i>
+</td>
+<td class="content">
+Values for periods of time and data sizes must include the unit of measure, for example "10 secs" or "10 MB", not simply "10".
+</td>
+</tr>
+</table>
+</div>
+<div class="sect2">
+<h3 id="web-properties"><a class="anchor" href="administration-guide.html#web-properties"></a>Web Properties</h3>
+<div class="paragraph">
+<p>These properties pertain to the web-based User Interface.</p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 50%;">
+<col style="width: 50%;">
+</colgroup>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Property</strong></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Description</strong></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.web.war.directory</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">This is the location of the web war directory. The default value is <code>./lib</code>.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.web.http.host</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The HTTP host. It is blank by default.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.web.http.port</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The HTTP port. The default value is <code>18080</code>.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.web.https.host</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The HTTPS host. It is blank by default.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.web.https.port</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The HTTPS port. It is blank by default. When configuring NiFi Registry to run securely, this port should be configured.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.web.jetty.working.directory</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The location of the Jetty working directory. The default value is <code>./work/jetty</code>.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.web.jetty.threads</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The number of Jetty threads. The default value is <code>200</code>.</p></td>
+</tr>
+</tbody>
+</table>
+</div>
+<div class="sect2">
+<h3 id="security-properties"><a class="anchor" href="administration-guide.html#security-properties"></a>Security Properties</h3>
+<div class="paragraph">
+<p>These properties pertain to various security features in NiFi Registry. Many of these properties are covered in more detail in the
+<a href="administration-guide.html#security_configuration">Security Configuration</a> section.</p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 50%;">
+<col style="width: 50%;">
+</colgroup>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Property</strong></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Description</strong></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.security.keystore</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The full path and name of the keystore. It is blank by default.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.security.keystoreType</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The keystore type. It is blank by default.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.security.keystorePasswd</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The keystore password. It is blank by default.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.security.keyPasswd</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The key password. It is blank by default.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.security.truststore</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The full path and name of the truststore. It is blank by default.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.security.truststoreType</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The truststore type. It is blank by default.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.security.truststorePasswd</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The truststore password. It is blank by default.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.security.needClientAuth</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">This specifies that connecting clients must authenticate with a client cert. Setting this to <code>false</code> will specify that connecting clients may optionally authenticate with a client cert, but may also login with a username and password against a configured identity provider. The default value is <code>true</code>.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.security.authorizers.configuration.file</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">This is the location of the file that specifies how authorizers are defined. The default value is <code>./conf/authorizers.xml</code>.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.security.authorizer</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Specifies which of the configured Authorizers in the <em>authorizers.xml</em> file to use. By default, it is set to <code>managed-authorizer</code>.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.security.identity.providers.configuration.file</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">This is the location of the file that specifies how username/password authentication is performed. This file is only considered if <code>nifi.registry.security.identity.provider</code> is configured with a provider identifier. The default value is <code>./conf/identity-providers.xml</code>.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.security.identity.provider</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">This indicates what type of identity provider to use. The default value is blank, can be set to the identifier from a provider in the file specified in <code>nifi.registry.security.identity.providers.configuration.file</code>. Setting this property will trigger NiFi Registry to support username/password authentication.</p></td>
+</tr>
+</tbody>
+</table>
+</div>
+<div class="sect2">
+<h3 id="identity-mapping-properties"><a class="anchor" href="administration-guide.html#identity-mapping-properties"></a>Identity Mapping Properties</h3>
+<div class="paragraph">
+<p>These properties can be utilized to normalize user identities. When implemented, identities authenticated by different identity providers (certificates, LDAP, Kerberos) are treated the same internally in NiFi Registry. As a result, duplicate users are avoided and user-specific configurations such as authorizations only need to be setup once per user.</p>
+</div>
+<div class="paragraph">
+<p>The following examples demonstrate normalizing DNs from certificates and principals from Kerberos:</p>
+</div>
+<div class="listingblock">
+<div class="content">
+<pre>nifi.registry.security.identity.mapping.pattern.dn=^CN=(.*?), OU=(.*?), O=(.*?), L=(.*?), ST=(.*?), C=(.*?)$
+nifi.registry.security.identity.mapping.value.dn=$1@$2
+nifi.registry.security.identity.mapping.transform.dn=NONE
+nifi.registry.security.identity.mapping.pattern.kerb=^(.*?)/instance@(.*?)$
+nifi.registry.security.identity.mapping.value.kerb=$1@$2
+nifi.registry.security.identity.mapping.transform.kerb=NONE</pre>
+</div>
+</div>
+<div class="paragraph">
+<p>The last segment of each property is an identifier used to associate the pattern with the replacement value. When a user makes a request to NiFi Registry, their identity is checked to see if it matches each of those patterns in lexicographical order. For the first one that matches, the replacement specified in the <code>nifi.registry.security.identity.mapping.value.xxxx</code> property is used. So a login with <code>CN=localhost, OU=Apache NiFi, O=Apache, L=Santa Monica, ST=CA, C=US [...]
+</div>
+<div class="paragraph">
+<p>In addition to mapping, a transform may be applied. The supported versions are <code>NONE</code> (no transform applied), <code>LOWER</code> (identity lowercased), and <code>UPPER</code> (identity uppercased). If not specified, the default value is <code>NONE</code>.</p>
+</div>
+<div class="admonitionblock note">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-note" title="Note"></i>
+</td>
+<td class="content">
+These mappings are also applied to the "Initial Admin Identity" in the <em>authorizers.xml</em> file, as well as users imported from LDAP (See <a href="administration-guide.html#authorizers-setup">Authorizers.xml Setup</a>).
+</td>
+</tr>
+</table>
+</div>
+<div class="paragraph">
+<p>Group names can also be mapped. The following example will accept the existing group name but will lowercase it. This may be helpful when used in conjunction with an external authorizer.</p>
+</div>
+<div class="listingblock">
+<div class="content">
+<pre>nifi.registry.security.group.mapping.pattern.anygroup=^(.*)$
+nifi.registry.security.group.mapping.value.anygroup=$1
+nifi.registry.security.group.mapping.transform.anygroup=LOWER</pre>
+</div>
+</div>
+<div class="admonitionblock note">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-note" title="Note"></i>
+</td>
+<td class="content">
+These mappings are applied to groups imported from LDAP.
+</td>
+</tr>
+</table>
+</div>
+</div>
+<div class="sect2">
+<h3 id="providers-properties"><a class="anchor" href="administration-guide.html#providers-properties"></a>Providers Properties</h3>
+<div class="paragraph">
+<p>These properties pertain to flow persistence providers. NiFi Registry uses a pluggable flow persistence provider to store the
+content of the flows saved to the registry. For further details on persistence providers, refer <a href="administration-guide.html#persistence-providers">Persistence Providers</a>.</p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 50%;">
+<col style="width: 50%;">
+</colgroup>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Property</strong></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Description</strong></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.providers.configuration.file</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">This is the location of the file where flow persistence providers are configured. The default value is <code>./conf/providers.xml</code>.</p></td>
+</tr>
+</tbody>
+</table>
+</div>
+<div class="sect2">
+<h3 id="alias-properties"><a class="anchor" href="administration-guide.html#alias-properties"></a>Alias Properties</h3>
+<div class="paragraph">
+<p>These properties pertain to the support for URL aliasing. For further details, refer to <a href="administration-guide.html#url-aliasing">URL Aliasing</a>.</p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 50%;">
+<col style="width: 50%;">
+</colgroup>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Property</strong></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Description</strong></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.registry.alias.configuration.file</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">This is the location of the file where URL aliases are configured. The default value is <code>./conf/registry-aliases.xml</code>.</p></td>
+</tr>
+</tbody>
+</table>
+</div>
+<div class="sect2">
+<h3 id="database-properties"><a class="anchor" href="administration-guide.html#database-properties"></a>Database Properties</h3>
+<div class="paragraph">
+<p>These properties define the settings for the Registry database, which keeps track of metadata about buckets and all items stored in buckets.</p>
+</div>
+<div class="paragraph">
+<p>The 0.1.0 release leveraged an embedded H2 database that was configured via the following properties:</p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 50%;">
+<col style="width: 50%;">
+</colgroup>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Property</strong></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Description</strong></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.db.directory</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The location of the Registry database directory. The default value is <code>./database</code>.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.db.url.append</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">This property specifies additional arguments to add to the connection string for the Registry database. The default value should be used and should not be changed. It is: <code>;LOCK_TIMEOUT=25000;WRITE_DELAY=0;AUTO_SERVER=FALSE</code>.</p></td>
+</tr>
+</tbody>
+</table>
+<div class="paragraph">
+<p>The 0.2.0 release introduced a more flexible approach which allows leveraging an external database. This new approach
+is configured via the following properties:</p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 50%;">
+<col style="width: 50%;">
+</colgroup>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Property</strong></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Description</strong></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.db.url</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The full JDBC connection string. The default value will specify a new H2 database in the same location as the previous one. For example, <code>jdbc:h2:./database/nifi-registry-primary;</code>.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.db.driver.class</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The class name of the JDBC driver. The default value is <code>org.h2.Driver</code>.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.db.driver.directory</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">An optional directory containing one or more JARs to add to the classpath. If not specified, it is assumed that the driver JAR is already on the classpath by copying it to the <code>lib</code> directory. The H2 driver is bundled with Registry so it is not necessary to do anything for the default case.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.db.username</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The username for the database. The default value is <code>nifireg</code>.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.db.password</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The password for the database. The default value is <code>nifireg</code>.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.db.maxConnections</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The max number of connections for the connection pool. The default value is <code>5</code>.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.db.sql.debug</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Whether or not enable debug logging for SQL statements. The default value is <code>false</code>.</p></td>
+</tr>
+</tbody>
+</table>
+<div class="admonitionblock note">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-note" title="Note"></i>
+</td>
+<td class="content">
+When upgrading from 0.1.0 to a future version, if <code>nifi.registry.db.directory</code> remains populated, the application will
+attempt to migrate the data from the original database to the new database specified with the new properties. This will only
+happen the first time the application starts with the new database properties.
+</td>
+</tr>
+</table>
+</div>
+</div>
+<div class="sect2">
+<h3 id="extension-directories"><a class="anchor" href="administration-guide.html#extension-directories"></a>Extension Directories</h3>
+<div class="paragraph">
+<p>Each property beginning with <code>nifi.registry.extension.dir.</code> will be treated as location for an extension, and a class loader will be created for each location, with the system class loader as the parent.</p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 50%;">
+<col style="width: 50%;">
+</colgroup>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Property</strong></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Description</strong></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.extension.dir.1</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The full path on the filesystem to the location of the JARs for the given extension</p></td>
+</tr>
+</tbody>
+</table>
+<div class="admonitionblock note">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-note" title="Note"></i>
+</td>
+<td class="content">
+Multiple extension directories can be specified by using the <code>nifi.registry.extension.dir.</code> prefix with unique suffixes and separate paths as values.
+For example, to provide an additional extension directory, a user could also specify additional properties with keys of: <code>nifi.registry.extension.dir.2=/path/to/extension2</code>,
+providing 2 total locations, including <code>nifi.registry.extension.dir.1</code>.
+</td>
+</tr>
+</table>
+</div>
+</div>
+<div class="sect2">
+<h3 id="kerberos_properties"><a class="anchor" href="administration-guide.html#kerberos_properties"></a>Kerberos Properties</h3>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 50%;">
+<col style="width: 50%;">
+</colgroup>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Property</strong></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Description</strong></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.kerberos.krb5.file</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The location of the krb5 file, if used. It is blank by default. At this time, only a single krb5 file is allowed to
+ be specified per NiFi instance, so this property is configured here to support SPNEGO and service principals rather than in individual Processors.
+ If necessary the krb5 file can support multiple realms.
+ Example: <code>/etc/krb5.conf</code></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.kerberos.spnego.principal</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The name of the NiFi Registry Kerberos SPNEGO principal, if used. It is blank by default. Note that this property is used to authenticate NiFi Registry users.
+ Example: <code>HTTP/nifi.registry.example.com</code> or <code>HTTP/nifi.registry.example.com@EXAMPLE.COM</code></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.kerberos.spnego.keytab.location</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The file path of the NiFi Registry Kerberos SPNEGO keytab, if used. It is blank by default. Note that this property is used to authenticate NiFi Registry users.
+ Example: <code>/etc/http-nifi-registry.keytab</code></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>nifi.registry.kerberos.spengo.authentication.expiration</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The expiration duration of a successful Kerberos user authentication, if used. The default value is <code>12 hours</code>.</p></td>
+</tr>
+</tbody>
+</table>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="metadata-database"><a class="anchor" href="administration-guide.html#metadata-database"></a>Metadata Database</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>The metadata database maintains the knowledge of which buckets exist, which versioned items belong to which buckets, as well as the version history for each item.</p>
+</div>
+<div class="paragraph">
+<p>Currently, NiFi Registry supports using H2, Postgres (10.x - 13.x), and MySQL (8.0) for the relational database engine.</p>
+</div>
+<div class="admonitionblock note">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-note" title="Note"></i>
+</td>
+<td class="content">
+NiFi Registry 0.1.0 only supports H2.
+</td>
+</tr>
+</table>
+</div>
+<div class="sect2">
+<h3 id="h2"><a class="anchor" href="administration-guide.html#h2"></a>H2</h3>
+<div class="paragraph">
+<p>H2 is an embedded database that is pre-configured in the default <em>nifi-registry.properties</em> file. The contents of the H2 database are stored in a file on the local filesystem.</p>
+</div>
+<div class="paragraph">
+<p>For NiFi Registry 0.1.0, the location of the H2 database is specified by the property:</p>
+</div>
+<div class="paragraph">
+<p><code>nifi.registry.db.directory=./database</code></p>
+</div>
+<div class="paragraph">
+<p>For NiFi Registry 0.2.0 and forward, the location of the H2 database is specified as part of the JDBC URL property:</p>
+</div>
+<div class="paragraph">
+<p><code>nifi.registry.db.url=jdbc:h2:./database/nifi-registry-primary;</code></p>
+</div>
+<div class="sect3">
+<h4 id="changing-password-in-existing-h2-database"><a class="anchor" href="administration-guide.html#changing-password-in-existing-h2-database"></a>Changing password in existing H2 database</h4>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>Download H2 driver from official repository <a href="https://www.h2database.com/html/download.html" class="bare">https://www.h2database.com/html/download.html</a> and place it somewhere accessible to NiFi Registry user</p>
+</li>
+<li>
+<p>Run H2 database shell</p>
+<div class="literalblock">
+<div class="content">
+<pre>java -cp h2*.jar org.h2.tools.Shell</pre>
+</div>
+</div>
+</li>
+<li>
+<p>Connect to database</p>
+<div class="literalblock">
+<div class="content">
+<pre>Welcome to H2 Shell 1.4.200 (2019-10-14)
+Exit with Ctrl+C
+URL jdbc:h2:./database/nifi-registry-primary
+Driver org.h2.Driver
+User nifireg
+Password
+Connected</pre>
+</div>
+</div>
+</li>
+<li>
+<p>Change password</p>
+<div class="literalblock">
+<div class="content">
+<pre>ALTER USER nifireg SET PASSWORD 'NEW_PASSWORD';</pre>
+</div>
+</div>
+</li>
+</ol>
+</div>
+</div>
+</div>
+<div class="sect2">
+<h3 id="postgres"><a class="anchor" href="administration-guide.html#postgres"></a>Postgres</h3>
+<div class="paragraph">
+<p>Postgres provides the option to use an externally located database that also supports high availability.</p>
+</div>
+<div class="paragraph">
+<p>The following steps are required to use Postgres:</p>
+</div>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>Download the Postgres JDBC driver and place it somewhere accessible to NiFi Registry</p>
+<div class="literalblock">
+<div class="content">
+<pre>/path/to/drivers/postgresql-42.2.2.jar</pre>
+</div>
+</div>
+</li>
+<li>
+<p>Create a database inside Postgres</p>
+<div class="literalblock">
+<div class="content">
+<pre>createdb nifireg</pre>
+</div>
+</div>
+</li>
+<li>
+<p>Create a database user and grant privileges</p>
+<div class="literalblock">
+<div class="content">
+<pre>psql nifireg
+CREATE USER nifireg WITH PASSWORD 'changeme';
+GRANT ALL PRIVILEGES ON DATABASE nifireg to nifireg;
+\q</pre>
+</div>
+</div>
+</li>
+<li>
+<p>Configure the database properties in <em>nifi-registry.properties</em></p>
+<div class="literalblock">
+<div class="content">
+<pre>nifi.registry.db.url=jdbc:postgresql://<POSTGRES-HOSTNAME>/nifireg
+nifi.registry.db.driver.class=org.postgresql.Driver
+nifi.registry.db.driver.directory=/path/to/drivers
+nifi.registry.db.username=nifireg
+nifi.registry.db.password=changeme</pre>
+</div>
+</div>
+</li>
+</ol>
+</div>
+</div>
+<div class="sect2">
+<h3 id="mysql"><a class="anchor" href="administration-guide.html#mysql"></a>MySQL</h3>
+<div class="paragraph">
+<p>MySQL also provides the option to use an externally located database that also supports high availability.</p>
+</div>
+<div class="paragraph">
+<p>The following steps are required to use MySQL:</p>
+</div>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>Download the MySQL JDBC driver and place it somewhere accessible to NiFi Registry</p>
+<div class="literalblock">
+<div class="content">
+<pre>/path/to/drivers/mysql-connector-java-8.0.16.jar</pre>
+</div>
+</div>
+</li>
+<li>
+<p>Create a database inside MySQL (enter mysql shell using <code>mysql -u root -p</code></p>
+<div class="literalblock">
+<div class="content">
+<pre>CREATE DATABASE nifi_registry;</pre>
+</div>
+</div>
+</li>
+<li>
+<p>Create a database user and grant privileges (for remote users, use <code>nifireg'@'<IP-ADDRESS></code>, or <code>nifireg'@'%</code> for any remote host)</p>
+<div class="literalblock">
+<div class="content">
+<pre>GRANT ALL PRIVILEGES ON nifi_registry.* TO 'nifireg'@'localhost' IDENTIFIED BY 'changeme';</pre>
+</div>
+</div>
+</li>
+<li>
+<p>Configure the database properties in <em>nifi-registry.properties</em></p>
+<div class="literalblock">
+<div class="content">
+<pre>nifi.registry.db.url=jdbc:mysql://<MYSQL-HOSTNAME>/nifi_registry
+nifi.registry.db.driver.class=com.mysql.cj.jdbc.Driver
+nifi.registry.db.driver.directory=/path/to/drivers
+nifi.registry.db.username=nifireg
+nifi.registry.db.password=changeme</pre>
+</div>
+</div>
+</li>
+</ol>
+</div>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="schema-differences-limitations"><a class="anchor" href="administration-guide.html#schema-differences-limitations"></a>Schema Differences & Limitations</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>Due to differences across database implementations, there are two versions of the schema for NiFi Registry’s metadata database. The original version supports H2 and Postgres, and a second versions supports MySQL.</p>
+</div>
+<div class="paragraph">
+<p>MySQL has limitations on the maximum size of text columns that are part of an index, or unique key. This means the maximum length of some columns is significantly less when using MySQL vs. H2/Postgres.</p>
+</div>
+<div class="admonitionblock note">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-note" title="Note"></i>
+</td>
+<td class="content">
+If choosing to use MySQL it is important to understand these limitations and accept them.
+</td>
+</tr>
+</table>
+</div>
+<div class="paragraph">
+<p>The following tables summarizes the schema differences in column lengths:</p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 33.3333%;">
+<col style="width: 33.3333%;">
+<col style="width: 33.3334%;">
+</colgroup>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Table.Column</strong></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>H2/Postgres</strong></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>MySQL</strong></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">BUCKET.NAME</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">1000</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">767</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">FLOW_SNAPSHOT.CREATED_BY</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">4096</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">767</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">SIGNING_KEY.TENANT_IDENTITY</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">4096</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">767</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">BUNDLE.GROUP_ID</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">500</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">200</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">BUNDLE.ARTIFACT_ID</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">500</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">200</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">BUNDLE_VERSION.CREATED_BY</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">4096</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">767</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">BUNDLE_VERSION.BUILT_BY</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">4096</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">767</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">BUNDLE_VERSION_DEPENDENCY.GROUP_ID</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">500</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">200</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">BUNDLE_VERSION_DEPENDENCY.ARTIFACT_ID</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">500</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">200</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">EXTENSION_PROVIDED_SERVICE_API.CLASS_NAME</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">500</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">200</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">EXTENSION_PROVIDED_SERVICE_API.GROUP_ID</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">500</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">200</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">EXTENSION_PROVIDED_SERVICE_API.ARTIFACT_ID</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">500</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">200</p></td>
+</tr>
+</tbody>
+</table>
+</div>
+</div>
+<div class="sect1">
+<h2 id="persistence-providers"><a class="anchor" href="administration-guide.html#persistence-providers"></a>Persistence Providers</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>NiFi Registry uses a pluggable persistence provider to store the content of each versioned item. Each type of versioned item, such as a versioned flow or extension bundle, has its own persistence provider.</p>
+</div>
+<div class="paragraph">
+<p>Each persistence provider has its own configuration parameters, which can be configured in an XML file specified in <em><a href="administration-guide.html#providers-properties">nifi-registry.properties</a></em>.</p>
+</div>
+<div class="sect2">
+<h3 id="flow-persistence-providers"><a class="anchor" href="administration-guide.html#flow-persistence-providers"></a>Flow Persistence Providers</h3>
+<div class="paragraph">
+<p>The flow persistence provider stores the content of the flows saved to the registry. NiFi Registry provides <code><a href="administration-guide.html#filesystemflowpersistenceprovider">FileSystemFlowPersistenceProvider</a></code> and <code><a href="administration-guide.html#gitflowpersistenceprovider">GitFlowPersistenceProvider</a></code>.</p>
+</div>
+<div class="paragraph">
+<p>The XML configuration file looks like below. It has a <code>flowPersistenceProvider</code> element in which qualified class name of a persistence provider implementation and its configuration properties are defined. See following sections for available configurations for each provider.</p>
+</div>
+<div class="listingblock">
+<div class="title">Example flow persistence provider in providers.xml</div>
+<div class="content">
+<pre class="highlight"><code class="language-xml" data-lang="xml"><flowPersistenceProvider>
+ <class>persistence-provider-qualified-class-name</class>
+ <property name="property-1">property-value-1</property>
+ <property name="property-2">property-value-2</property>
+ <property name="property-n">property-value-n</property>
+</flowPersistenceProvider></code></pre>
+</div>
+</div>
+<div class="sect3">
+<h4 id="filesystemflowpersistenceprovider"><a class="anchor" href="administration-guide.html#filesystemflowpersistenceprovider"></a>FileSystemFlowPersistenceProvider</h4>
+<div class="paragraph">
+<p>FileSystemFlowPersistenceProvider simply stores serialized Flow contents into <code>{bucket-id}/{flow-id}/{version}</code> directories.</p>
+</div>
+<div class="paragraph">
+<p>Example of persisted files:</p>
+</div>
+<div class="literalblock">
+<div class="content">
+<pre>Flow Storage Directory/
+├── {bucket-id}/
+│ └── {flow-id}/
+│ ├── {version}/{version}.snapshot
+└── d1beba88-32e9-45d1-bfe9-057cc41f7ce8/
+ └── 219cf539-427f-43be-9294-0644fb07ca63/
+ ├── 1/1.snapshot
+ └── 2/2.snapshot</pre>
+</div>
+</div>
+<div class="paragraph">
+<p>Qualified class name: <code>org.apache.nifi.registry.provider.flow.FileSystemFlowPersistenceProvider</code></p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 50%;">
+<col style="width: 50%;">
+</colgroup>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Property</strong></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Description</strong></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Flow Storage Directory</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">REQUIRED: File system path for a directory where flow contents files are persisted to. If the directory does not exist when NiFi Registry starts, it will be created. If the directory exists, it must be readable and writable from NiFi Registry.</p></td>
+</tr>
+</tbody>
+</table>
+</div>
+<div class="sect3">
+<h4 id="gitflowpersistenceprovider"><a class="anchor" href="administration-guide.html#gitflowpersistenceprovider"></a>GitFlowPersistenceProvider</h4>
+<div class="paragraph">
+<p><code>GitFlowPersistenceProvider</code> stores flow contents under a Git directory.</p>
+</div>
+<div class="paragraph">
+<p>In contrast to <code>FileSystemFlowPersistenceProvider</code>, this provider uses human friendly Bucket and Flow names so that those files can be accessed by external tools. However, it is NOT supported to modify stored files outside of NiFi Registry. Persisted files are only read when NiFi Registry starts up.</p>
+</div>
+<div class="paragraph">
+<p>Buckets are represented as directories and Flow contents are stored as files in a Bucket directory they belong to. Flow snapshot histories are managed as Git commits, meaning only the latest version of Buckets and Flows exist in the Git directory. Old versions are retrieved from Git commit histories.</p>
+</div>
+<div class="literalblock">
+<div class="title">Example persisted files</div>
+<div class="content">
+<pre>Flow Storage Directory/
+├── .git/
+├── Bucket_A/
+│ ├── bucket.yml
+│ ├── Flow_1.snapshot
+│ └── Flow_2.snapshot
+└── Bucket_B/
+ ├── bucket.yml
+ └── Flow_4.snapshot</pre>
+</div>
+</div>
+<div class="paragraph">
+<p>Each Bucket directory contains a YAML file named <code>bucket.yml</code>. The file manages links from NiFi Registry Bucket and Flow IDs to actual directory and file names. When NiFi Registry starts, this provider reads through Git commit histories and lookup these <code>bucket.yml</code> files to restore Buckets and Flows for each snapshot version.</p>
+</div>
+<div class="listingblock">
+<div class="title">Example bucket.yml</div>
+<div class="content">
+<pre class="highlight"><code class="language-yml" data-lang="yml">layoutVer: 1
+bucketId: d1beba88-32e9-45d1-bfe9-057cc41f7ce8
+flows:
+ 219cf539-427f-43be-9294-0644fb07ca63: {ver: 7, file: Flow_1.snapshot}
+ 22cccb6c-3011-4493-a996-611f8f112969: {ver: 3, file: Flow_2.snapshot}</code></pre>
+</div>
+</div>
+<div class="paragraph">
+<p>Qualified class name: <code>org.apache.nifi.registry.provider.flow.git.GitFlowPersistenceProvider</code></p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 50%;">
+<col style="width: 50%;">
+</colgroup>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Property</strong></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Description</strong></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Flow Storage Directory</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">REQUIRED: File system path for a directory where flow contents files are persisted to. The directory must exist when NiFi registry starts. Also must be initialized as a Git directory. See <a href="administration-guide.html#initialize-git-directory">Initialize Git directory</a> for detail.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Remote To Push</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">When a new flow snapshot is created, this persistence provider updates files in the specified Git directory, then creates a commit to the local repository. If <code>Remote To Push</code> is defined, it also pushes to the specified remote repository (e.g. <code>origin</code>). To define more detailed remote spec such as branch names, use <code>Refspec</code> (see
+<a href="https://git-scm.com/book/en/v2/Git-Internals-The-Refspec" target="_blank" rel="noopener">https://git-scm.com/book/en/v2/Git-Internals-The-Refspec</a>).</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Remote Access User</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">This username is used to make push requests to the remote repository when <code>Remote To Push</code> is enabled, and the remote repository is accessed by HTTP protocol. If SSH is used, user authentication is done with SSH keys.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Remote Access Password</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The password for the <code>Remote Access User</code>.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Remote Clone Repository</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Remote repository URI to use to clone into <code>Flow Storage Directory</code>, if local repository is not present in <code>Flow Storage Directory</code>. If left empty the git directory needs to be configured as per <a href="administration-guide.html#initialize-git-directory">Initialize Git directory</a>. If URI is provided then <code>Remote Access User</code> and <code>Remote Access Password</code> also should be present.
+Currently, default branch of remote will be cloned.</p></td>
+</tr>
+</tbody>
+</table>
+<div class="sect4">
+<h5 id="initialize-git-directory"><a class="anchor" href="administration-guide.html#initialize-git-directory"></a>Initialize Git directory</h5>
+<div class="paragraph">
+<p>In order to use <code>GitFlowPersistenceRepository</code>, you need to prepare a Git directory on the local file system. You can do so by initializing a directory with <code>git init</code> command, or clone an existing Git project from a remote Git repository by <code>git clone</code> command. If you want to clone the default branch of remote repository automatically, set the <code>Remote Clone Repository</code> as described above.</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p><code>git init</code> command
+<a href="https://git-scm.com/docs/git-init" target="_blank" rel="noopener">https://git-scm.com/docs/git-init</a></p>
+</li>
+<li>
+<p><code>git clone</code> command
+<a href="https://git-scm.com/docs/git-clone" target="_blank" rel="noopener">https://git-scm.com/docs/git-clone</a></p>
+</li>
+</ul>
+</div>
+</div>
+<div class="sect4">
+<h5 id="git-user-configuration"><a class="anchor" href="administration-guide.html#git-user-configuration"></a>Git user configuration</h5>
+<div class="paragraph">
+<p>This persistence provider uses preconfigured Git user name and user email address when it creates Git commits. NiFi Registry user name is added to commit messages.</p>
+</div>
+<div class="literalblock">
+<div class="title">Example commit</div>
+<div class="content">
+<pre>commit 774d4bd125f2b1200f0a5ee1f1e9fedc6a415e83
+Author: git-user <git-user@example.com>
+Date: Tue May 8 14:30:31 2018 +0900
+
+ Commit message.
+
+ By NiFi Registry user: nifi-registry-user-1</pre>
+</div>
+</div>
+<div class="paragraph">
+<p>You can configure Git user name and email address by <code>git config</code> command.</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p><code>git config</code> command
+<a href="https://git-scm.com/docs/git-config" target="_blank" rel="noopener">https://git-scm.com/docs/git-config</a></p>
+</li>
+</ul>
+</div>
+</div>
+<div class="sect4">
+<h5 id="git-user-authentication"><a class="anchor" href="administration-guide.html#git-user-authentication"></a>Git user authentication</h5>
+<div class="paragraph">
+<p>By default, this persistence repository only create commits to local repository. No user authentication is needed to do so. However, if 'Commit To Push' is enabled, user authentication to the remote Git repository is required.</p>
+</div>
+<div class="paragraph">
+<p>If the remote repository is accessed by HTTP, then username and password for authentication can be configured in the providers XML configuration file.</p>
+</div>
+<div class="paragraph">
+<p>When SSH is used, SSH keys are used to identify a Git user. In order to pick the right key to a remote server, the SSH configuration file <code>${USER_HOME}/.ssh/config</code> is used. The SSH configuration file can contain multiple <code>Host</code> entries to specify a key file to login to a remote Git server. The <code>Host</code> must match with the target remote Git server hostname.</p>
+</div>
+<div class="literalblock">
+<div class="title">example SSH config file</div>
+<div class="content">
+<pre>Host git.example.com
+ HostName git.example.com
+ IdentityFile ~/.ssh/id_rsa
+
+Host github.com
+ HostName github.com
+ IdentityFile ~/.ssh/key-for-github
+
+Host bitbucket.org
+ HostName bitbucket.org
+ IdentityFile ~/.ssh/key-for-bitbucket</pre>
+</div>
+</div>
+</div>
+</div>
+<div class="sect3">
+<h4 id="databaseflowpersistenceprovider"><a class="anchor" href="administration-guide.html#databaseflowpersistenceprovider"></a>DatabaseFlowPersistenceProvider</h4>
+<div class="paragraph">
+<p><code>DatabaseFlowPersistenceProvider</code> stores flow contents in a database table.</p>
+</div>
+<div class="paragraph">
+<p>This provider leverages the same database used for the metadata database, so there is no configuration to provide since the
+connection details will come from the database properties in <code>nifi-registry.properties</code>.</p>
+</div>
+<div class="paragraph">
+<p>The database table is named <code>FLOW_PERSISTENCE_PROVIDER</code> and has the following schema:</p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 50%;">
+<col style="width: 50%;">
+</colgroup>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Column</strong></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Description</strong></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">BUCKET_ID</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The identifier of the bucket where the flow is located.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">FLOW_ID</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The identifier of the flow.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">VERSION</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The version of the flow.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">FLOW_CONTENT</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The serialized bytes of the flow content stored as a BLOB.</p></td>
+</tr>
+</tbody>
+</table>
+</div>
+<div class="sect3">
+<h4 id="switching-from-other-flow-persistence-provider"><a class="anchor" href="administration-guide.html#switching-from-other-flow-persistence-provider"></a>Switching from other Flow Persistence Provider</h4>
+<div class="paragraph">
+<p>In order to switch the Flow Persistence Provider, it is necessary to reset NiFi Registry.
+For example, to switch from <code>FileSystemFlowPersistenceProvider</code> to <code>GitFlowPersistenceProvider</code>, follow these steps:</p>
+</div>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>Stop version control on all ProcessGroups in NiFi</p>
+</li>
+<li>
+<p>Stop NiFi Registry</p>
+</li>
+<li>
+<p>Move the H2 DB (specified as <code>nifi.registry.db.directory</code> in <em>nifi-registry.properties</em>) and <code>Flow Storage Directory</code> for <code>FileSystemFlowPersistenceProvider</code> directories somewhere for back up</p>
+</li>
+<li>
+<p>Configure <code>GitFlowPersistenceProvider</code> provider in <em>providers.xml</em></p>
+</li>
+<li>
+<p>Start NiFi Registry</p>
+</li>
+<li>
+<p>Recreate any buckets</p>
+</li>
+<li>
+<p>Start version control on all ProcessGroups again</p>
+</li>
+</ol>
+</div>
+</div>
+<div class="sect3">
+<h4 id="data-model-version-of-serialized-flow-snapshots"><a class="anchor" href="administration-guide.html#data-model-version-of-serialized-flow-snapshots"></a>Data model version of serialized Flow snapshots</h4>
+<div class="paragraph">
+<p>Serialized Flow snapshots saved by these persistence providers have versions, so that the data format and schema can evolve over time. Data model version update is done automatically by NiFi Registry when it reads and stores each Flow content.</p>
+</div>
+<div class="paragraph">
+<p>Here is the data model version histories:</p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 33.3333%;">
+<col style="width: 33.3333%;">
+<col style="width: 33.3334%;">
+</colgroup>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Data model version</strong></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Since NiFi Registry</strong></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Description</strong></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">2</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">0.2</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">JSON formatted text file. The root object contains header and Flow content object.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">1</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">0.1</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Binary format having header bytes at the beginning followed by Flow content represented as XML.</p></td>
+</tr>
+</tbody>
+</table>
+</div>
+</div>
+<div class="sect2">
+<h3 id="bundle-persistence-providers"><a class="anchor" href="administration-guide.html#bundle-persistence-providers"></a>Bundle Persistence Providers</h3>
+<div class="paragraph">
+<p>The bundle persistence provider stores the content of extension bundles saved to the registry. NiFi Registry provides <code><a href="administration-guide.html#filesystembundlepersistenceprovider">FileSystemBundlePersistenceProvider</a></code> and <code><a href="administration-guide.html#s3bundlepersistenceprovider">S3BundlePersistenceProvider</a></code>.</p>
+</div>
+<div class="paragraph">
+<p>The XML configuration file looks like below. It has a <code>extensionBundlePersistenceProvider</code> element in which the qualified class name of a persistence provider implementation and its configuration properties are defined. See following sections for available configurations for each provider.</p>
+</div>
+<div class="listingblock">
+<div class="title">Example extension bundle persistence provider in providers.xml</div>
+<div class="content">
+<pre class="highlight"><code class="language-xml" data-lang="xml"><extensionBundlePersistenceProvider>
+ <class>persistence-provider-qualified-class-name</class>
+ <property name="property-1">property-value-1</property>
+ <property name="property-2">property-value-2</property>
+ <property name="property-n">property-value-n</property>
+</extensionBundlePersistenceProvider></code></pre>
+</div>
+</div>
+<div class="sect3">
+<h4 id="filesystembundlepersistenceprovider"><a class="anchor" href="administration-guide.html#filesystembundlepersistenceprovider"></a>FileSystemBundlePersistenceProvider</h4>
+<div class="paragraph">
+<p>The <code>FileSystemBundlePersistenceProvider</code> stores the content of extension bundles on the local file system. The bundles are organized in directories according to bucket id, group, artifact, and version.</p>
+</div>
+<div class="paragraph">
+<p>Example of persisted extension bundles:</p>
+</div>
+<div class="literalblock">
+<div class="content">
+<pre>Extension Bundle Storage Directory/
+├── {bucket-id}/
+ └── {group-id}/
+ └── {artifact-id}
+ └── {version}/{artifact-id}-{version}.{extension}
+├── d1beba88-32e9-45d1-bfe9-057cc41f7ce8/
+ └── org.apache.nifi
+ └── nifi-example-nar
+ └── 1.0.0/nifi-example-nar-1.0.0.nar
+ └── 2.0.0/nifi-example-nar-2.0.0.nar</pre>
+</div>
+</div>
+<div class="sect4">
+<h5 id="configuration"><a class="anchor" href="administration-guide.html#configuration"></a>Configuration</h5>
+<div class="paragraph">
+<p>Qualified class name: <code>org.apache.nifi.registry.provider.extension.FileSystemBundlePersistenceProvider</code></p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 50%;">
+<col style="width: 50%;">
+</colgroup>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Property</strong></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Description</strong></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Extension Bundle Storage Directory</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">REQUIRED: File system path for a directory where extension bundle contents files are persisted to. If the directory does not exist when NiFi Registry starts, it will be created. If the directory exists, it must be readable and writable from NiFi Registry.</p></td>
+</tr>
+</tbody>
+</table>
+</div>
+</div>
+<div class="sect3">
+<h4 id="s3bundlepersistenceprovider"><a class="anchor" href="administration-guide.html#s3bundlepersistenceprovider"></a>S3BundlePersistenceProvider</h4>
+<div class="paragraph">
+<p>The <code>S3BundlePersistenceProvider</code> stores the content of extension bundles in a AWS S3 bucket. The bucket is expected to already exist and be accessible to the credentials provided to the persistence providcer.</p>
+</div>
+<div class="admonitionblock note">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-note" title="Note"></i>
+</td>
+<td class="content">
+This provider must be added to the classpath by specifying a custom extension directory in <em>nifi-registry.properties</em>, such as <code>nifi.registry.extension.dir.aws=./ext/aws/lib</code>, where <code>./ext/aws/</code> contains the contents of the extracted <em>nifi-registry-aws-assembly-<version>-bin.zip</em>.
+</td>
+</tr>
+</table>
+</div>
+<div class="paragraph">
+<p>The key of an extension bundle in the S3 bucket will be the following:</p>
+</div>
+<div class="literalblock">
+<div class="content">
+<pre>/{registry-bucket-id}/{group-id}/{artifact-id}/{version}/{artifact-id}-{version}.{extension}</pre>
+</div>
+</div>
+<div class="paragraph">
+<p>If an optional Key Prefix is specified, then that prefix will be applied to the beginning of the above key.</p>
+</div>
+<div class="sect4">
+<h5 id="configuration-2"><a class="anchor" href="administration-guide.html#configuration-2"></a>Configuration</h5>
+<div class="paragraph">
+<p>Qualified class name: <code>org.apache.nifi.registry.aws.S3BundlePersistenceProvider</code></p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 50%;">
+<col style="width: 50%;">
+</colgroup>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Property</strong></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><strong>Description</strong></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Region</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">REQUIRED: The name of the S3 region where the bucket exists.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Bucket Name</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">REQUIRED: The name of an existing bucket to store extension bundles.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Key Prefix</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">An optional prefix that if specified will be added to the beginning of all S3 keys.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Credentials Provider</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">REQUIRED: Indicates how credentials will be provided, must be a value of <code>DEFAULT_CHAIN</code> or <code>STATIC</code>. <code>DEFAULT_CHAIN</code> will consider in order: Java system properties, environment variables, credential profiles (<code>~/.aws/credentials</code>). <code>STATIC</code> requires that <code>Access Key</code> and <code>Secret Access Key</code> be specified directly in this file.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Access Key</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The access key to use when using <code>STATIC</code> credentials provider.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Secret Access Key</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">The secret access key to use when using <code>STATIC</code> credentials provider.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Endpoint URL</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">An optional URL that overrides the default AWS S3 endpoint URL. Set this when using an AWS S3 API compatible service hosted at a different URL.</p></td>
+</tr>
+</tbody>
+</table>
+</div>
+</div>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="event-hooks"><a class="anchor" href="administration-guide.html#event-hooks"></a>Event Hooks</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>Event hooks are an integration point that allows for custom code to to be triggered when NiFi Registry application events occur.</p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 50%;">
+<col style="width: 50%;">
+</colgroup>
+<thead>
+<tr>
+<th class="tableblock halign-left valign-top">Event Name</th>
+<th class="tableblock halign-left valign-top">Description</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>CREATE_BUCKET</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">A new registry bucket is created.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>CREATE_FLOW</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">A new flow is created in a specified bucket. Only triggered on first time creation of a flow with a given name.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>CREATE_FLOW_VERSION</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">A new version for a flow has been saved in the registry.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>UPDATE_BUCKET</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">A bucket has been updated.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>UPDATE_FLOW</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">A flow that exist in a bucket has been updated.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>DELETE_BUCKET</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">An existing bucket in the registry is deleted.</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>DELETE_FLOW</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">An existing flow in the registry is deleted.</p></td>
+</tr>
+</tbody>
+<tfoot>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>REGISTRY_START</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Invoked once the NiFi Registry application has been successfully started. This is only invoked after a complete and successful start.</p></td>
+</tr>
+</tfoot>
+</table>
+<div class="sect2">
+<h3 id="shared-event-hook-properties"><a class="anchor" href="administration-guide.html#shared-event-hook-properties"></a>Shared Event Hook Properties</h3>
+<div class="paragraph">
+<p>There are certain properties that are shared amongst all of the NiFi Registry provided Event Hook implementations. Those properties and
+their purpose are listed below.</p>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 50%;">
+<col style="width: 50%;">
+</colgroup>
+<thead>
+<tr>
+<th class="tableblock halign-left valign-top">Property Name</th>
+<th class="tableblock halign-left valign-top">Description</th>
+</tr>
+</thead>
+<tfoot>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Whitelisted Event Type</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Event types the hook provider configured with this property should respond to. If this property is left blank or not provided, all events will fire for the configured hook provider. Multiple <code>Whitelisted Event Type</code> can be specified and often are. For example,
+<code><property name="Whitelisted Event Type 1">CREATE_FLOW</property></code> and <code><property name="Whitelisted Event Type 2">UPDATE_FLOW</property></code> would invoke the configured hook provider for the <code>CREATE_FLOW</code> and <code>UPDATE_FLOW</code> event types.</p></td>
+</tr>
+</tfoot>
+</table>
+</div>
+<div class="sect2">
+<h3 id="scripteventhookprovider"><a class="anchor" href="administration-guide.html#scripteventhookprovider"></a>ScriptEventHookProvider</h3>
+<div class="paragraph">
+<p>The <code>ScriptEventHookProvider</code> invokes a shell script that has been written by a user and placed on a file system that is accessible
+by the NiFi Registry instance that the provider is configured for.</p>
+</div>
+<div class="literalblock">
+<div class="content">
+<pre><eventHookProvider>
+ <class>org.apache.nifi.registry.provider.hook.ScriptEventHookProvider</class>
+ <property name="Script Path"></property>
+ <property name="Working Directory"></property>
+ <!-- optional -->
+ <property name="Whitelisted Event Type 1">CREATE_FLOW</property>
+ <property name="Whitelisted Event Type 2">UPDATE_FLOW</property>
+</eventHookProvider></pre>
+</div>
+</div>
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 50%;">
+<col style="width: 50%;">
+</colgroup>
+<thead>
+<tr>
+<th class="tableblock halign-left valign-top">Property Name</th>
+<th class="tableblock halign-left valign-top">Description</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Script Path</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Full path to a script that will executed for each event. The arguments to the script will be the event fields in the order they are specified for the given event type.</p></td>
+</tr>
+</tbody>
+<tfoot>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>Working Directory</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Working directory from where the commands will be executed.</p></td>
+</tr>
+</tfoot>
+</table>
+</div>
+<div class="sect2">
+<h3 id="loggingeventhookprovider"><a class="anchor" href="administration-guide.html#loggingeventhookprovider"></a>LoggingEventHookProvider</h3>
+<div class="paragraph">
+<p>The <code>LoggingEventHookProvider</code> logs a string representation of each event using an SLF4J logger. The logger can be configured
+via NiFi Registry’s <em>logback.xml</em>, which by default contains an appender that writes to a log file named <em>nifi-registry-event.log</em> in the <code>logs</code> directory.</p>
+</div>
+<div class="literalblock">
+<div class="content">
+<pre><eventHookProvider>
+ <class>org.apache.nifi.registry.provider.hook.LoggingEventHookProvider</class>
+</eventHookProvider></pre>
+</div>
+</div>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="url-aliasing"><a class="anchor" href="administration-guide.html#url-aliasing"></a>URL Aliasing</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>A versioned item may contain the URL of a registry instance embedded in the content of the item. For example, flows with nested versioning contain the URL of the registry where the nested versioned flow is located. If the location of the registry instances changes, then the content is no longer accurate.</p>
+</div>
+<div class="paragraph">
+<p>URL aliasing can be used to dynamically handle this situation so that URLs are never written to the stored content, and can be re-written with the correct value when being retrieved by a client.</p>
+</div>
+<div class="paragraph">
+<p>The aliases are configured in an XML file which can be specified in <em><a href="administration-guide.html#alias-properties">nifi-registry.properties</a></em>.</p>
+</div>
+<div class="listingblock">
+<div class="title">Example aliases in registry-aliases.xml</div>
+<div class="content">
+<pre class="highlight"><code class="language-xml" data-lang="xml"><aliases>
+ <alias>
+ <internal>NIFI_REGISTRY_1</internal>
+ <external>http://registry1.nifi.apache.org:18080</external>
+ </alias>
+ <alias>
+ <internal>NIFI_REGISTRY_2</internal>
+ <external>http://registry2.nifi.apache.org:18080</external>
+ </alias>
+</aliases></code></pre>
+</div>
+</div>
+<div class="paragraph">
+<p>If a flow is saved to registry with two child process groups, each under version control, the incoming flow would contain something like the following:</p>
+</div>
+<div class="literalblock">
+<div class="content">
+<pre>"processGroups" : [ {
+ ...
+ "versionedFlowCoordinates" : {
+ "bucketId" : "ca20e058-f6e7-404c-aee0-e30833e792c7",
+ "flowId" : "178a6657-e1a7-4cce-8f83-4e615e38f57a",
+ "registryUrl" : "http://registry1.nifi.apache.org:18080",
+ "version" : 1
+ },
+ {
+ ...
+ "versionedFlowCoordinates" : {
+ "bucketId" : "ca20e058-f6e7-404c-aee0-e30833e792c7",
+ "flowId" : "985cb44b-3aec-32be-860f-d2a0f2c72aac",
+ "registryUrl" : "http://registry2.nifi.apache.org:18080",
+ "version" : 1
+ }
+]</pre>
+</div>
+</div>
+<div class="paragraph">
+<p>With the example aliases configuration above, the URLs would be written to the flow persistence provider as the following:</p>
+</div>
+<div class="literalblock">
+<div class="content">
+<pre>"processGroups" : [ {
+ ...
+ "versionedFlowCoordinates" : {
+ "bucketId" : "ca20e058-f6e7-404c-aee0-e30833e792c7",
+ "flowId" : "178a6657-e1a7-4cce-8f83-4e615e38f57a",
+ "registryUrl" : "NIFI_REGISTRY_1",
+ "version" : 1
+ },
+ {
+ ...
+ "versionedFlowCoordinates" : {
+ "bucketId" : "ca20e058-f6e7-404c-aee0-e30833e792c7",
+ "flowId" : "985cb44b-3aec-32be-860f-d2a0f2c72aac",
+ "registryUrl" : "NIFI_REGISTRY_2",
+ "version" : 1
+ }
+]</pre>
+</div>
+</div>
+<div class="paragraph">
+<p>When this flow is retrieved from any API call, the internal values would be rewritten to the external values.</p>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="backup-recovery"><a class="anchor" href="administration-guide.html#backup-recovery"></a>Backup & Recovery</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>In order to prevent data loss it is important to consider backup and recovery options. The data that needs to be considered is the following:</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p>Metadata Database</p>
+</li>
+<li>
+<p>Persistence providers</p>
+</li>
+<li>
+<p>Configuration files</p>
+</li>
+</ul>
+</div>
+<div class="sect2">
+<h3 id="metadata-database-2"><a class="anchor" href="administration-guide.html#metadata-database-2"></a>Metadata Database</h3>
+<div class="paragraph">
+<p>If using H2, the database file should be backed up periodically to an external location. In order to ensure a proper backup, NiFi Registry should be stopped to ensure no write operations are occurring while copying the file.</p>
+</div>
+<div class="paragraph">
+<p>If using Postgres, backups may be taken on the Postgres database, or Postgres may be configured for high availability such that there is a failover or backup instance.</p>
+</div>
+<div class="paragraph">
+<p>If starting a brand new NiFi Registry instance, the metadata database can be automatically rebuilt from the information in the <code>GitFlowPersistenceProvider</code>. This is a one-time operation during the first start of the application, and is not meant to keep the DB in sync with external changes made in Git. This feature only applies to flows and would not be able to restore information about extension bundles.</p>
+</div>
+</div>
+<div class="sect2">
+<h3 id="persistence-providers-2"><a class="anchor" href="administration-guide.html#persistence-providers-2"></a>Persistence Providers</h3>
+<div class="paragraph">
+<p>Each persistence provider may have its own option for backup & recovery.</p>
+</div>
+<div class="sect3">
+<h4 id="flow-persistence"><a class="anchor" href="administration-guide.html#flow-persistence"></a>Flow Persistence</h4>
+<div class="paragraph">
+<p>If using the <code>FileSystemFlowPersistenceProvider</code>, the directory where flows are stored should be backed up periodically to an external location. In order to ensure a proper backup, NiFi Registry should be stopped to ensure no flows are being written to disk. If using H2 for metadata, H2 should be backed up at the same time to ensure consistency between the flows on disk and the contents in H2.</p>
+</div>
+<div class="paragraph">
+<p>If using the <code>GitFlowPersistenceProvider</code>, the ability to automatically push to a remote may be configured. This provides an automatic backup of the data in the remote repo.</p>
+</div>
+</div>
+</div>
+<div class="sect2">
+<h3 id="bundle-persistence"><a class="anchor" href="administration-guide.html#bundle-persistence"></a>Bundle Persistence</h3>
+<div class="paragraph">
+<p>If using the <code>FileSystemBundlePersistenceProvider</code>, the directory where bundles are stored should be backed up periodically to an external location. In order to ensure a proper backup, NiFi Registry should be stopped to ensure no bundles are being written to disk. If using H2 for metadata, H2 should be backed up at the same time to ensure consistency between the bundles on disk and the contents in H2.</p>
+</div>
+<div class="paragraph">
+<p>If using the <code>S3BundlePersistenceProvider</code>, data will be stored remotely and automatically replicated.</p>
+</div>
+</div>
+<div class="sect2">
+<h3 id="configuration-files"><a class="anchor" href="administration-guide.html#configuration-files"></a>Configuration Files</h3>
+<div class="paragraph">
+<p>If using NiFi Registry’s policy based authorization, the users, groups, and policies are stored in files on disk named <em>users.xml</em> and <em>authorizations.xml</em>. These files should be periodically backed up to an external location. In order to ensure a proper backup, NiFi Registry should be stopped to ensure no authorization data is being written to disk.</p>
+</div>
+<div class="paragraph">
+<p>If using Ranger, then all authorization information is stored externally and there is nothing to back up.</p>
+</div>
+</div>
+</div>
+</div>
+</div>
+<div id="footer">
+<div id="footer-text">
+Last updated 2022-06-13 16:50:03 -0700
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/docs/nifi-registry-docs/html/getting-started.html b/docs/nifi-registry-docs/html/getting-started.html
new file mode 100644
index 0000000..a63f106
--- /dev/null
+++ b/docs/nifi-registry-docs/html/getting-started.html
@@ -0,0 +1,746 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8">
+<!--[if IE]><meta http-equiv="X-UA-Compatible" content="IE=edge"><![endif]-->
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<meta name="generator" content="Asciidoctor 1.5.8">
+<meta name="author" content="Apache NiFi Team">
+<title>Getting Started with Apache NiFi Registry</title>
+<style>
+/* Asciidoctor default stylesheet | MIT License | https://asciidoctor.org */
+/* Copyright (C) 2012-2015 Dan Allen, Ryan Waldron and the Asciidoctor Project
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE. */
+/* Remove the comments around the @import statement below when using this as a custom stylesheet */
+@import "https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic%7CNoto+Serif:400,400italic,700,700italic%7CDroid+Sans+Mono:400";
+article,aside,details,figcaption,figure,footer,header,hgroup,main,nav,section,summary{display:block}
+audio,canvas,video{display:inline-block}
+audio:not([controls]){display:none;height:0}
+[hidden],template{display:none}
+script{display:none!important}
+html{font-family:sans-serif;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}
+body{margin:0}
+a{background:transparent}
+a:focus{outline:thin dotted}
+a:active,a:hover{outline:0}
+h1{font-size:2em;margin:.67em 0}
+abbr[title]{border-bottom:1px dotted}
+b,strong{font-weight:bold}
+dfn{font-style:italic}
+hr{-moz-box-sizing:content-box;box-sizing:content-box;height:0}
+mark{background:#ff0;color:#000}
+code,kbd,pre,samp{font-family:monospace;font-size:1em}
+pre{white-space:pre-wrap}
+q{quotes:"\201C" "\201D" "\2018" "\2019"}
+small{font-size:80%}
+sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline}
+sup{top:-.5em}
+sub{bottom:-.25em}
+img{border:0}
+svg:not(:root){overflow:hidden}
+figure{margin:0}
+fieldset{border:1px solid silver;margin:0 2px;padding:.35em .625em .75em}
+legend{border:0;padding:0}
+button,input,select,textarea{font-family:inherit;font-size:100%;margin:0}
+button,input{line-height:normal}
+button,select{text-transform:none}
+button,html input[type="button"],input[type="reset"],input[type="submit"]{-webkit-appearance:button;cursor:pointer}
+button[disabled],html input[disabled]{cursor:default}
+input[type="checkbox"],input[type="radio"]{box-sizing:border-box;padding:0}
+input[type="search"]{-webkit-appearance:textfield;-moz-box-sizing:content-box;-webkit-box-sizing:content-box;box-sizing:content-box}
+input[type="search"]::-webkit-search-cancel-button,input[type="search"]::-webkit-search-decoration{-webkit-appearance:none}
+button::-moz-focus-inner,input::-moz-focus-inner{border:0;padding:0}
+textarea{overflow:auto;vertical-align:top}
+table{border-collapse:collapse;border-spacing:0}
+*,*:before,*:after{-moz-box-sizing:border-box;-webkit-box-sizing:border-box;box-sizing:border-box}
+html,body{font-size:100%}
+body{background:#fff;color:rgba(0,0,0,.8);padding:0;margin:0;font-family:"Noto Serif","DejaVu Serif",serif;font-weight:400;font-style:normal;line-height:1;position:relative;cursor:auto}
+a:hover{cursor:pointer}
+img,object,embed{max-width:100%;height:auto}
+object,embed{height:100%}
+img{-ms-interpolation-mode:bicubic}
+#map_canvas img,#map_canvas embed,#map_canvas object,.map_canvas img,.map_canvas embed,.map_canvas object{max-width:none!important}
+.left{float:left!important}
+.right{float:right!important}
+.text-left{text-align:left!important}
+.text-right{text-align:right!important}
+.text-center{text-align:center!important}
+.text-justify{text-align:justify!important}
+.hide{display:none}
+.antialiased,body{-webkit-font-smoothing:antialiased}
+img{display:inline-block;vertical-align:middle}
+textarea{height:auto;min-height:50px}
+select{width:100%}
+p.lead,.paragraph.lead>p,#preamble>.sectionbody>.paragraph:first-of-type p{font-size:1.21875em;line-height:1.6}
+.subheader,.admonitionblock td.content>.title,.audioblock>.title,.exampleblock>.title,.imageblock>.title,.listingblock>.title,.literalblock>.title,.stemblock>.title,.openblock>.title,.paragraph>.title,.quoteblock>.title,table.tableblock>.title,.verseblock>.title,.videoblock>.title,.dlist>.title,.olist>.title,.ulist>.title,.qlist>.title,.hdlist>.title{line-height:1.45;color:#7a2518;font-weight:400;margin-top:0;margin-bottom:.25em}
+div,dl,dt,dd,ul,ol,li,h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6,pre,form,p,blockquote,th,td{margin:0;padding:0;direction:ltr}
+a{color:#2156a5;text-decoration:underline;line-height:inherit}
+a:hover,a:focus{color:#1d4b8f}
+a img{border:none}
+p{font-family:inherit;font-weight:400;font-size:1em;line-height:1.6;margin-bottom:1.25em;text-rendering:optimizeLegibility}
+p aside{font-size:.875em;line-height:1.35;font-style:italic}
+h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6{font-family:"Open Sans","DejaVu Sans",sans-serif;font-weight:300;font-style:normal;color:#ba3925;text-rendering:optimizeLegibility;margin-top:1em;margin-bottom:.5em;line-height:1.0125em}
+h1 small,h2 small,h3 small,#toctitle small,.sidebarblock>.content>.title small,h4 small,h5 small,h6 small{font-size:60%;color:#e99b8f;line-height:0}
+h1{font-size:2.125em}
+h2{font-size:1.6875em}
+h3,#toctitle,.sidebarblock>.content>.title{font-size:1.375em}
+h4,h5{font-size:1.125em}
+h6{font-size:1em}
+hr{border:solid #ddddd8;border-width:1px 0 0;clear:both;margin:1.25em 0 1.1875em;height:0}
+em,i{font-style:italic;line-height:inherit}
+strong,b{font-weight:bold;line-height:inherit}
+small{font-size:60%;line-height:inherit}
+code{font-family:"Droid Sans Mono","DejaVu Sans Mono",monospace;font-weight:400;color:rgba(0,0,0,.9);padding-right: 1px;}
+ul,ol,dl{font-size:1em;line-height:1.6;margin-bottom:1.25em;list-style-position:outside;font-family:inherit}
+ul,ol,ul.no-bullet,ol.no-bullet{margin-left:1.5em}
+ul li ul,ul li ol{margin-left:1.25em;margin-bottom:0;font-size:1em}
+ul.square li ul,ul.circle li ul,ul.disc li ul{list-style:inherit}
+ul.square{list-style-type:square}
+ul.circle{list-style-type:circle}
+ul.disc{list-style-type:disc}
+ul.no-bullet{list-style:none}
+ol li ul,ol li ol{margin-left:1.25em;margin-bottom:0}
+dl dt{margin-bottom:.3125em;font-weight:bold}
+dl dd{margin-bottom:1.25em}
+abbr,acronym{text-transform:uppercase;font-size:90%;color:rgba(0,0,0,.8);border-bottom:1px dotted #ddd;cursor:help}
+abbr{text-transform:none}
+blockquote{margin:0 0 1.25em;padding:.5625em 1.25em 0 1.1875em;border-left:1px solid #ddd}
+blockquote cite{display:block;font-size:.9375em;color:rgba(0,0,0,.6)}
+blockquote cite:before{content:"\2014 \0020"}
+blockquote cite a,blockquote cite a:visited{color:rgba(0,0,0,.6)}
+blockquote,blockquote p{line-height:1.6;color:rgba(0,0,0,.85)}
+@media only screen and (min-width:768px){h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6{line-height:1.2}
+h1{font-size:2.75em}
+h2{font-size:2.3125em}
+h3,#toctitle,.sidebarblock>.content>.title{font-size:1.6875em}
+h4{font-size:1.4375em}}table{background:#fff;margin-bottom:1.25em;border:solid 1px #dedede}
+table thead,table tfoot{background:#f7f8f7;font-weight:bold}
+table thead tr th,table thead tr td,table tfoot tr th,table tfoot tr td{padding:.5em .625em .625em;font-size:inherit;color:rgba(0,0,0,.8);text-align:left}
+table tr th,table tr td{padding:.5625em .625em;font-size:inherit;color:rgba(0,0,0,.8)}
+table tr.even,table tr.alt,table tr:nth-of-type(even){background:#f8f8f7}
+table thead tr th,table tfoot tr th,table tbody tr td,table tr td,table tfoot tr td{display:table-cell;line-height:1.6}
+h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6{line-height:1.2;word-spacing:-.05em}
+h1 strong,h2 strong,h3 strong,#toctitle strong,.sidebarblock>.content>.title strong,h4 strong,h5 strong,h6 strong{font-weight:400}
+.clearfix:before,.clearfix:after,.float-group:before,.float-group:after{content:" ";display:table}
+.clearfix:after,.float-group:after{clear:both}
+*:not(pre)>code{font-size:.9375em;font-style:normal!important;letter-spacing:0;word-spacing:-.15em;background-color:#f7f7f8;-webkit-border-radius:4px;border-radius:4px;line-height:1.45;text-rendering:optimizeSpeed}
+pre,pre>code{line-height:1.45;color:rgba(0,0,0,.9);font-family:"Droid Sans Mono","DejaVu Sans Mono",monospace;font-weight:400;text-rendering:optimizeSpeed}
+.keyseq{color:rgba(51,51,51,.8)}
+kbd{display:inline-block;color:rgba(0,0,0,.8);font-size:.75em;line-height:1.4;background-color:#f7f7f7;border:1px solid #ccc;-webkit-border-radius:3px;border-radius:3px;-webkit-box-shadow:0 1px 0 rgba(0,0,0,.2),0 0 0 .1em white inset;box-shadow:0 1px 0 rgba(0,0,0,.2),0 0 0 .1em #fff inset;margin:-.15em .15em 0 .15em;padding:.2em .6em .2em .5em;vertical-align:middle;white-space:nowrap}
+.keyseq kbd:first-child{margin-left:0}
+.keyseq kbd:last-child{margin-right:0}
+.menuseq,.menu{color:rgba(0,0,0,.8)}
+b.button:before,b.button:after{position:relative;top:-1px;font-weight:400}
+b.button:before{content:"[";padding:0 3px 0 2px}
+b.button:after{content:"]";padding:0 2px 0 3px}
+p a>code:hover{color:rgba(0,0,0,.9)}
+#header,#content,#footnotes,#footer{width:100%;margin-left:auto;margin-right:auto;margin-top:0;margin-bottom:0;max-width:62.5em;*zoom:1;position:relative;padding-left:.9375em;padding-right:.9375em}
+#header:before,#header:after,#content:before,#content:after,#footnotes:before,#footnotes:after,#footer:before,#footer:after{content:" ";display:table}
+#header:after,#content:after,#footnotes:after,#footer:after{clear:both}
+#content{margin-top:1.25em}
+#content:before{content:none}
+#header>h1:first-child{color:rgba(0,0,0,.85);margin-top:2.25rem;margin-bottom:0}
+#header>h1:first-child+#toc{margin-top:8px;border-top:1px solid #ddddd8}
+#header>h1:only-child,body.toc2 #header>h1:nth-last-child(2){border-bottom:1px solid #ddddd8;padding-bottom:8px}
+#header .details{border-bottom:1px solid #ddddd8;line-height:1.45;padding-top:.25em;padding-bottom:.25em;padding-left:.25em;color:rgba(0,0,0,.6);display:-ms-flexbox;display:-webkit-flex;display:flex;-ms-flex-flow:row wrap;-webkit-flex-flow:row wrap;flex-flow:row wrap}
+#header .details span:first-child{margin-left:-.125em}
+#header .details span.email a{color:rgba(0,0,0,.85)}
+#header .details br{display:none}
+#header .details br+span:before{content:"\00a0\2013\00a0"}
+#header .details br+span.author:before{content:"\00a0\22c5\00a0";color:rgba(0,0,0,.85)}
+#header .details br+span#revremark:before{content:"\00a0|\00a0"}
+#header #revnumber{text-transform:capitalize}
+#header #revnumber:after{content:"\00a0"}
+#content>h1:first-child:not([class]){color:rgba(0,0,0,.85);border-bottom:1px solid #ddddd8;padding-bottom:8px;margin-top:0;padding-top:1rem;margin-bottom:1.25rem}
+#toc{border-bottom:1px solid #efefed;padding-bottom:.5em}
+#toc>ul{margin-left:.125em}
+#toc ul.sectlevel0>li>a{font-style:italic}
+#toc ul.sectlevel0 ul.sectlevel1{margin:.5em 0}
+#toc ul{font-family:"Open Sans","DejaVu Sans",sans-serif;list-style-type:none}
+#toc a{text-decoration:none}
+#toc a:active{text-decoration:underline}
+#toctitle{color:#7a2518;font-size:1.2em}
+@media only screen and (min-width:768px){#toctitle{font-size:1.375em}
+body.toc2{padding-left:15em;padding-right:0}
+#toc.toc2{margin-top:0!important;background-color:#f8f8f7;position:fixed;width:15em;left:0;top:0;border-right:1px solid #efefed;border-top-width:0!important;border-bottom-width:0!important;z-index:1000;padding:1.25em 1em;height:100%;overflow:auto}
+#toc.toc2 #toctitle{margin-top:0;font-size:1.2em}
+#toc.toc2>ul{font-size:.9em;margin-bottom:0}
+#toc.toc2 ul ul{margin-left:0;padding-left:1em}
+#toc.toc2 ul.sectlevel0 ul.sectlevel1{padding-left:0;margin-top:.5em;margin-bottom:.5em}
+body.toc2.toc-right{padding-left:0;padding-right:15em}
+body.toc2.toc-right #toc.toc2{border-right-width:0;border-left:1px solid #efefed;left:auto;right:0}}@media only screen and (min-width:1280px){body.toc2{padding-left:20em;padding-right:0}
+#toc.toc2{width:20em}
+#toc.toc2 #toctitle{font-size:1.375em}
+#toc.toc2>ul{font-size:.95em}
+#toc.toc2 ul ul{padding-left:1.25em}
+body.toc2.toc-right{padding-left:0;padding-right:20em}}#content #toc{border-style:solid;border-width:1px;border-color:#e0e0dc;margin-bottom:1.25em;padding:1.25em;background:#f8f8f7;-webkit-border-radius:4px;border-radius:4px}
+#content #toc>:first-child{margin-top:0}
+#content #toc>:last-child{margin-bottom:0}
+#footer{max-width:100%;background-color:rgba(0,0,0,.8);padding:1.25em}
+#footer-text{color:rgba(255,255,255,.8);line-height:1.44}
+.sect1{padding-bottom:.625em}
+@media only screen and (min-width:768px){.sect1{padding-bottom:1.25em}}.sect1+.sect1{border-top:1px solid #efefed}
+#content h1>a.anchor,h2>a.anchor,h3>a.anchor,#toctitle>a.anchor,.sidebarblock>.content>.title>a.anchor,h4>a.anchor,h5>a.anchor,h6>a.anchor{position:absolute;z-index:1001;width:1.5ex;margin-left:-1.5ex;display:block;text-decoration:none!important;visibility:hidden;text-align:center;font-weight:400}
+#content h1>a.anchor:before,h2>a.anchor:before,h3>a.anchor:before,#toctitle>a.anchor:before,.sidebarblock>.content>.title>a.anchor:before,h4>a.anchor:before,h5>a.anchor:before,h6>a.anchor:before{content:"\00A7";font-size:.85em;display:block;padding-top:.1em}
+#content h1:hover>a.anchor,#content h1>a.anchor:hover,h2:hover>a.anchor,h2>a.anchor:hover,h3:hover>a.anchor,#toctitle:hover>a.anchor,.sidebarblock>.content>.title:hover>a.anchor,h3>a.anchor:hover,#toctitle>a.anchor:hover,.sidebarblock>.content>.title>a.anchor:hover,h4:hover>a.anchor,h4>a.anchor:hover,h5:hover>a.anchor,h5>a.anchor:hover,h6:hover>a.anchor,h6>a.anchor:hover{visibility:visible}
+#content h1>a.link,h2>a.link,h3>a.link,#toctitle>a.link,.sidebarblock>.content>.title>a.link,h4>a.link,h5>a.link,h6>a.link{color:#ba3925;text-decoration:none}
+#content h1>a.link:hover,h2>a.link:hover,h3>a.link:hover,#toctitle>a.link:hover,.sidebarblock>.content>.title>a.link:hover,h4>a.link:hover,h5>a.link:hover,h6>a.link:hover{color:#a53221}
+.audioblock,.imageblock,.literalblock,.listingblock,.stemblock,.videoblock{margin-bottom:1.25em}
+.admonitionblock td.content>.title,.audioblock>.title,.exampleblock>.title,.imageblock>.title,.listingblock>.title,.literalblock>.title,.stemblock>.title,.openblock>.title,.paragraph>.title,.quoteblock>.title,table.tableblock>.title,.verseblock>.title,.videoblock>.title,.dlist>.title,.olist>.title,.ulist>.title,.qlist>.title,.hdlist>.title{text-rendering:optimizeLegibility;text-align:left;font-family:"Noto Serif","DejaVu Serif",serif;font-size:1rem;font-style:italic}
+table.tableblock>caption.title{white-space:nowrap;overflow:visible;max-width:0}
+.paragraph.lead>p,#preamble>.sectionbody>.paragraph:first-of-type p{color:rgba(0,0,0,.85)}
+table.tableblock #preamble>.sectionbody>.paragraph:first-of-type p{font-size:inherit}
+.admonitionblock>table{border-collapse:separate;border:0;background:none;width:100%}
+.admonitionblock>table td.icon{text-align:center;width:80px}
+.admonitionblock>table td.icon img{max-width:none}
+.admonitionblock>table td.icon .title{font-weight:bold;font-family:"Open Sans","DejaVu Sans",sans-serif;text-transform:uppercase}
+.admonitionblock>table td.content{padding-left:1.125em;padding-right:1.25em;border-left:1px solid #ddddd8;color:rgba(0,0,0,.6)}
+.admonitionblock>table td.content>:last-child>:last-child{margin-bottom:0}
+.exampleblock>.content{border-style:solid;border-width:1px;border-color:#e6e6e6;margin-bottom:1.25em;padding:1.25em;background:#fff;-webkit-border-radius:4px;border-radius:4px}
+.exampleblock>.content>:first-child{margin-top:0}
+.exampleblock>.content>:last-child{margin-bottom:0}
+.sidebarblock{border-style:solid;border-width:1px;border-color:#e0e0dc;margin-bottom:1.25em;padding:1.25em;background:#f8f8f7;-webkit-border-radius:4px;border-radius:4px}
+.sidebarblock>:first-child{margin-top:0}
+.sidebarblock>:last-child{margin-bottom:0}
+.sidebarblock>.content>.title{color:#7a2518;margin-top:0;text-align:center}
+.exampleblock>.content>:last-child>:last-child,.exampleblock>.content .olist>ol>li:last-child>:last-child,.exampleblock>.content .ulist>ul>li:last-child>:last-child,.exampleblock>.content .qlist>ol>li:last-child>:last-child,.sidebarblock>.content>:last-child>:last-child,.sidebarblock>.content .olist>ol>li:last-child>:last-child,.sidebarblock>.content .ulist>ul>li:last-child>:last-child,.sidebarblock>.content .qlist>ol>li:last-child>:last-child{margin-bottom:0}
+.literalblock pre,.listingblock pre:not(.highlight),.listingblock pre[class="highlight"],.listingblock pre[class^="highlight "],.listingblock pre.CodeRay,.listingblock pre.prettyprint{background:#f7f7f8}
+.sidebarblock .literalblock pre,.sidebarblock .listingblock pre:not(.highlight),.sidebarblock .listingblock pre[class="highlight"],.sidebarblock .listingblock pre[class^="highlight "],.sidebarblock .listingblock pre.CodeRay,.sidebarblock .listingblock pre.prettyprint{background:#f2f1f1}
+.literalblock pre,.literalblock pre[class],.listingblock pre,.listingblock pre[class]{-webkit-border-radius:4px;border-radius:4px;word-wrap:break-word;padding:1em;font-size:.8125em}
+.literalblock pre.nowrap,.literalblock pre[class].nowrap,.listingblock pre.nowrap,.listingblock pre[class].nowrap{overflow-x:auto;white-space:pre;word-wrap:normal}
+@media only screen and (min-width:768px){.literalblock pre,.literalblock pre[class],.listingblock pre,.listingblock pre[class]{font-size:.90625em}}@media only screen and (min-width:1280px){.literalblock pre,.literalblock pre[class],.listingblock pre,.listingblock pre[class]{font-size:1em}}.literalblock.output pre{color:#f7f7f8;background-color:rgba(0,0,0,.9)}
+.listingblock pre.highlightjs{padding:0}
+.listingblock pre.highlightjs>code{padding:1em;-webkit-border-radius:4px;border-radius:4px}
+.listingblock pre.prettyprint{border-width:0}
+.listingblock>.content{position:relative}
+.listingblock code[data-lang]:before{display:none;content:attr(data-lang);position:absolute;font-size:.75em;top:.425rem;right:.5rem;line-height:1;text-transform:uppercase;color:#999}
+.listingblock:hover code[data-lang]:before{display:block}
+.listingblock.terminal pre .command:before{content:attr(data-prompt);padding-right:.5em;color:#999}
+.listingblock.terminal pre .command:not([data-prompt]):before{content:"$"}
+table.pyhltable{border-collapse:separate;border:0;margin-bottom:0;background:none}
+table.pyhltable td{vertical-align:top;padding-top:0;padding-bottom:0}
+table.pyhltable td.code{padding-left:.75em;padding-right:0}
+pre.pygments .lineno,table.pyhltable td:not(.code){color:#999;padding-left:0;padding-right:.5em;border-right:1px solid #ddddd8}
+pre.pygments .lineno{display:inline-block;margin-right:.25em}
+table.pyhltable .linenodiv{background:none!important;padding-right:0!important}
+.quoteblock{margin:0 1em 1.25em 1.5em;display:table}
+.quoteblock>.title{margin-left:-1.5em;margin-bottom:.75em}
+.quoteblock blockquote,.quoteblock blockquote p{color:rgba(0,0,0,.85);font-size:1.15rem;line-height:1.75;word-spacing:.1em;letter-spacing:0;font-style:italic;text-align:justify}
+.quoteblock blockquote{margin:0;padding:0;border:0}
+.quoteblock blockquote:before{content:"\201c";float:left;font-size:2.75em;font-weight:bold;line-height:.6em;margin-left:-.6em;color:#7a2518;text-shadow:0 1px 2px rgba(0,0,0,.1)}
+.quoteblock blockquote>.paragraph:last-child p{margin-bottom:0}
+.quoteblock .attribution{margin-top:.5em;margin-right:.5ex;text-align:right}
+.quoteblock .quoteblock{margin-left:0;margin-right:0;padding:.5em 0;border-left:3px solid rgba(0,0,0,.6)}
+.quoteblock .quoteblock blockquote{padding:0 0 0 .75em}
+.quoteblock .quoteblock blockquote:before{display:none}
+.verseblock{margin:0 1em 1.25em 1em}
+.verseblock pre{font-family:"Open Sans","DejaVu Sans",sans;font-size:1.15rem;color:rgba(0,0,0,.85);font-weight:300;text-rendering:optimizeLegibility}
+.verseblock pre strong{font-weight:400}
+.verseblock .attribution{margin-top:1.25rem;margin-left:.5ex}
+.quoteblock .attribution,.verseblock .attribution{font-size:.9375em;line-height:1.45;font-style:italic}
+.quoteblock .attribution br,.verseblock .attribution br{display:none}
+.quoteblock .attribution cite,.verseblock .attribution cite{display:block;letter-spacing:-.05em;color:rgba(0,0,0,.6)}
+.quoteblock.abstract{margin:0 0 1.25em 0;display:block}
+.quoteblock.abstract blockquote,.quoteblock.abstract blockquote p{text-align:left;word-spacing:0}
+.quoteblock.abstract blockquote:before,.quoteblock.abstract blockquote p:first-of-type:before{display:none}
+table.tableblock{max-width:100%;border-collapse:separate}
+table.tableblock td>.paragraph:last-child p>p:last-child,table.tableblock th>p:last-child,table.tableblock td>p:last-child{margin-bottom:0}
+table.spread{width:100%}
+table.tableblock,th.tableblock,td.tableblock{border:0 solid #dedede}
+table.grid-all th.tableblock,table.grid-all td.tableblock{border-width:0 1px 1px 0}
+table.grid-all tfoot>tr>th.tableblock,table.grid-all tfoot>tr>td.tableblock{border-width:1px 1px 0 0}
+table.grid-cols th.tableblock,table.grid-cols td.tableblock{border-width:0 1px 0 0}
+table.grid-all *>tr>.tableblock:last-child,table.grid-cols *>tr>.tableblock:last-child{border-right-width:0}
+table.grid-rows th.tableblock,table.grid-rows td.tableblock{border-width:0 0 1px 0}
+table.grid-all tbody>tr:last-child>th.tableblock,table.grid-all tbody>tr:last-child>td.tableblock,table.grid-all thead:last-child>tr>th.tableblock,table.grid-rows tbody>tr:last-child>th.tableblock,table.grid-rows tbody>tr:last-child>td.tableblock,table.grid-rows thead:last-child>tr>th.tableblock{border-bottom-width:0}
+table.grid-rows tfoot>tr>th.tableblock,table.grid-rows tfoot>tr>td.tableblock{border-width:1px 0 0 0}
+table.frame-all{border-width:1px}
+table.frame-sides{border-width:0 1px}
+table.frame-topbot{border-width:1px 0}
+th.halign-left,td.halign-left{text-align:left}
+th.halign-right,td.halign-right{text-align:right}
+th.halign-center,td.halign-center{text-align:center}
+th.valign-top,td.valign-top{vertical-align:top}
+th.valign-bottom,td.valign-bottom{vertical-align:bottom}
+th.valign-middle,td.valign-middle{vertical-align:middle}
+table thead th,table tfoot th{font-weight:bold}
+tbody tr th{display:table-cell;line-height:1.6;background:#f7f8f7}
+tbody tr th,tbody tr th p,tfoot tr th,tfoot tr th p{color:rgba(0,0,0,.8);font-weight:bold}
+p.tableblock>code:only-child{background:none;padding:0}
+p.tableblock{font-size:1em}
+td>div.verse{white-space:pre}
+ol{margin-left:1.75em}
+ul li ol{margin-left:1.5em}
+dl dd{margin-left:1.125em}
+dl dd:last-child,dl dd:last-child>:last-child{margin-bottom:0}
+ol>li p,ul>li p,ul dd,ol dd,.olist .olist,.ulist .ulist,.ulist .olist,.olist .ulist{margin-bottom:.625em}
+ul.unstyled,ol.unnumbered,ul.checklist,ul.none{list-style-type:none}
+ul.unstyled,ol.unnumbered,ul.checklist{margin-left:.625em}
+ul.checklist li>p:first-child>.fa-square-o:first-child,ul.checklist li>p:first-child>.fa-check-square-o:first-child{width:1em;font-size:.85em}
+ul.checklist li>p:first-child>input[type="checkbox"]:first-child{width:1em;position:relative;top:1px}
+ul.inline{margin:0 auto .625em auto;margin-left:-1.375em;margin-right:0;padding:0;list-style:none;overflow:hidden}
+ul.inline>li{list-style:none;float:left;margin-left:1.375em;display:block}
+ul.inline>li>*{display:block}
+.unstyled dl dt{font-weight:400;font-style:normal}
+ol.arabic{list-style-type:decimal}
+ol.decimal{list-style-type:decimal-leading-zero}
+ol.loweralpha{list-style-type:lower-alpha}
+ol.upperalpha{list-style-type:upper-alpha}
+ol.lowerroman{list-style-type:lower-roman}
+ol.upperroman{list-style-type:upper-roman}
+ol.lowergreek{list-style-type:lower-greek}
+.hdlist>table,.colist>table{border:0;background:none}
+.hdlist>table>tbody>tr,.colist>table>tbody>tr{background:none}
+td.hdlist1{padding-right:.75em;font-weight:bold}
+td.hdlist1,td.hdlist2{vertical-align:top}
+.literalblock+.colist,.listingblock+.colist{margin-top:-.5em}
+.colist>table tr>td:first-of-type{padding:0 .75em;line-height:1}
+.colist>table tr>td:last-of-type{padding:.25em 0}
+.thumb,.th{line-height:0;display:inline-block;border:solid 4px #fff;-webkit-box-shadow:0 0 0 1px #ddd;box-shadow:0 0 0 1px #ddd}
+.imageblock.left,.imageblock[style*="float: left"]{margin:.25em .625em 1.25em 0}
+.imageblock.right,.imageblock[style*="float: right"]{margin:.25em 0 1.25em .625em}
+.imageblock>.title{margin-bottom:0}
+.imageblock.thumb,.imageblock.th{border-width:6px}
+.imageblock.thumb>.title,.imageblock.th>.title{padding:0 .125em}
+.image.left,.image.right{margin-top:.25em;margin-bottom:.25em;display:inline-block;line-height:0}
+.image.left{margin-right:.625em}
+.image.right{margin-left:.625em}
+a.image{text-decoration:none}
+span.footnote,span.footnoteref{vertical-align:super;font-size:.875em}
+span.footnote a,span.footnoteref a{text-decoration:none}
+span.footnote a:active,span.footnoteref a:active{text-decoration:underline}
+#footnotes{padding-top:.75em;padding-bottom:.75em;margin-bottom:.625em}
+#footnotes hr{width:20%;min-width:6.25em;margin:-.25em 0 .75em 0;border-width:1px 0 0 0}
+#footnotes .footnote{padding:0 .375em;line-height:1.3;font-size:.875em;margin-left:1.2em;text-indent:-1.2em;margin-bottom:.2em}
+#footnotes .footnote a:first-of-type{font-weight:bold;text-decoration:none}
+#footnotes .footnote:last-of-type{margin-bottom:0}
+#content #footnotes{margin-top:-.625em;margin-bottom:0;padding:.75em 0}
+.gist .file-data>table{border:0;background:#fff;width:100%;margin-bottom:0}
+.gist .file-data>table td.line-data{width:99%}
+div.unbreakable{page-break-inside:avoid}
+.big{font-size:larger}
+.small{font-size:smaller}
+.underline{text-decoration:underline}
+.overline{text-decoration:overline}
+.line-through{text-decoration:line-through}
+.aqua{color:#00bfbf}
+.aqua-background{background-color:#00fafa}
+.black{color:#000}
+.black-background{background-color:#000}
+.blue{color:#0000bf}
+.blue-background{background-color:#0000fa}
+.fuchsia{color:#bf00bf}
+.fuchsia-background{background-color:#fa00fa}
+.gray{color:#606060}
+.gray-background{background-color:#7d7d7d}
+.green{color:#006000}
+.green-background{background-color:#007d00}
+.lime{color:#00bf00}
+.lime-background{background-color:#00fa00}
+.maroon{color:#600000}
+.maroon-background{background-color:#7d0000}
+.navy{color:#000060}
+.navy-background{background-color:#00007d}
+.olive{color:#606000}
+.olive-background{background-color:#7d7d00}
+.purple{color:#600060}
+.purple-background{background-color:#7d007d}
+.red{color:#bf0000}
+.red-background{background-color:#fa0000}
+.silver{color:#909090}
+.silver-background{background-color:#bcbcbc}
+.teal{color:#006060}
+.teal-background{background-color:#007d7d}
+.white{color:#bfbfbf}
+.white-background{background-color:#fafafa}
+.yellow{color:#bfbf00}
+.yellow-background{background-color:#fafa00}
+span.icon>.fa{cursor:default}
+.admonitionblock td.icon [class^="fa icon-"]{font-size:2.5em;text-shadow:1px 1px 2px rgba(0,0,0,.5);cursor:default}
+.admonitionblock td.icon .icon-note:before{content:"\f05a";color:#19407c}
+.admonitionblock td.icon .icon-tip:before{content:"\f0eb";text-shadow:1px 1px 2px rgba(155,155,0,.8);color:#111}
+.admonitionblock td.icon .icon-warning:before{content:"\f071";color:#bf6900}
+.admonitionblock td.icon .icon-caution:before{content:"\f06d";color:#bf3400}
+.admonitionblock td.icon .icon-important:before{content:"\f06a";color:#bf0000}
+.conum[data-value]{display:inline-block;color:#fff!important;background-color:rgba(0,0,0,.8);-webkit-border-radius:100px;border-radius:100px;text-align:center;font-size:.75em;width:1.67em;height:1.67em;line-height:1.67em;font-family:"Open Sans","DejaVu Sans",sans-serif;font-style:normal;font-weight:bold}
+.conum[data-value] *{color:#fff!important}
+.conum[data-value]+b{display:none}
+.conum[data-value]:after{content:attr(data-value)}
+pre .conum[data-value]{position:relative;top:-.125em}
+b.conum *{color:inherit!important}
+.conum:not([data-value]):empty{display:none}
+h1,h2{letter-spacing:-.01em}
+dt,th.tableblock,td.content{text-rendering:optimizeLegibility}
+p,td.content{letter-spacing:-.01em}
+p strong,td.content strong{letter-spacing:-.005em}
+p,blockquote,dt,td.content{font-size:1.0625rem}
+p{margin-bottom:1.25rem}
+.sidebarblock p,.sidebarblock dt,.sidebarblock td.content,p.tableblock{font-size:1em}
+.exampleblock>.content{background-color:#fffef7;border-color:#e0e0dc;-webkit-box-shadow:0 1px 4px #e0e0dc;box-shadow:0 1px 4px #e0e0dc}
+.print-only{display:none!important}
+@media print{@page{margin:1.25cm .75cm}
+*{-webkit-box-shadow:none!important;box-shadow:none!important;text-shadow:none!important}
+a{color:inherit!important;text-decoration:underline!important}
+a.bare,a[href^="#"],a[href^="mailto:"]{text-decoration:none!important}
+a[href^="http:"]:not(.bare):after,a[href^="https:"]:not(.bare):after{content:"(" attr(href) ")";display:inline-block;font-size:.875em;padding-left:.25em}
+abbr[title]:after{content:" (" attr(title) ")"}
+pre,blockquote,tr,img{page-break-inside:avoid}
+thead{display:table-header-group}
+img{max-width:100%!important}
+p,blockquote,dt,td.content{font-size:1em;orphans:3;widows:3}
+h2,h3,#toctitle,.sidebarblock>.content>.title{page-break-after:avoid}
+#toc,.sidebarblock,.exampleblock>.content{background:none!important}
+#toc{border-bottom:1px solid #ddddd8!important;padding-bottom:0!important}
+.sect1{padding-bottom:0!important}
+.sect1+.sect1{border:0!important}
+#header>h1:first-child{margin-top:1.25rem}
+body.book #header{text-align:center}
+body.book #header>h1:first-child{border:0!important;margin:2.5em 0 1em 0}
+body.book #header .details{border:0!important;display:block;padding:0!important}
+body.book #header .details span:first-child{margin-left:0!important}
+body.book #header .details br{display:block}
+body.book #header .details br+span:before{content:none!important}
+body.book #toc{border:0!important;text-align:left!important;padding:0!important;margin:0!important}
+body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-break-before:always}
+.listingblock code[data-lang]:before{display:block}
+#footer{background:none!important;padding:0 .9375em}
+#footer-text{color:rgba(0,0,0,.6)!important;font-size:.9em}
+.hide-on-print{display:none!important}
+.print-only{display:block!important}
+.hide-for-print{display:none!important}
+.show-for-print{display:inherit!important}}
+</style>
+<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
+</head>
+<body class="article">
+<div id="header">
+<h1>Getting Started with Apache NiFi Registry</h1>
+<div class="details">
+<span id="author" class="author">Apache NiFi Team</span><br>
+<span id="email" class="email"><a href="mailto:dev@nifi.apache.org">dev@nifi.apache.org</a></span><br>
+</div>
+<div id="toc" class="toc">
+<div id="toctitle">Table of Contents</div>
+<ul class="sectlevel1">
+<li><a href="getting-started.html#who-is-this-guide-for">Who is This Guide For?</a></li>
+<li><a href="getting-started.html#terminology-used-in-this-guide">Terminology Used in This Guide</a></li>
+<li><a href="getting-started.html#downloading-and-installing-nifi-registry">Downloading and Installing NiFi Registry</a></li>
+<li><a href="getting-started.html#starting-nifi-registry">Starting NiFi Registry</a>
+<ul class="sectlevel2">
+<li><a href="getting-started.html#for-linuxunixmac-os-x-users">For Linux/Unix/Mac OS X users</a></li>
+<li><a href="getting-started.html#installing-as-a-service">Installing as a Service</a></li>
+</ul>
+</li>
+<li><a href="getting-started.html#i-started-nifi-registry-now-what">I Started NiFi Registry. Now What?</a>
+<ul class="sectlevel2">
+<li><a href="getting-started.html#create-a-bucket">Create a Bucket</a></li>
+<li><a href="getting-started.html#connect-nifi-to-the-registry">Connect NiFi to the Registry</a></li>
+<li><a href="getting-started.html#start-version-control-on-a-process-group">Start Version Control on a Process Group</a></li>
+<li><a href="getting-started.html#save-changes-to-a-versioned-flow">Save Changes to a Versioned Flow</a></li>
+<li><a href="getting-started.html#import-a-versioned-flow">Import a Versioned Flow</a></li>
+</ul>
+</li>
+<li><a href="getting-started.html#where-to-go-for-more-information">Where To Go For More Information</a></li>
+</ul>
+</div>
+</div>
+<div id="content">
+<div class="sect1">
+<h2 id="who-is-this-guide-for"><a class="anchor" href="getting-started.html#who-is-this-guide-for"></a>Who is This Guide For?</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>This guide is written for users who have basic experience with NiFi but have little familiarity with the NiFi Registry. This guide is not intended to be an exhaustive instruction manual or a reference guide. The <a href="user-guide.html">NiFi Registry User Guide</a> and <a href="https://nifi.apache.org/docs/nifi-docs/html/user-guide.html" target="_blank" rel="noopener">NiFi User Guide</a> provide a great deal more information about using the Registry and integrating it with NiFi. This [...]
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="terminology-used-in-this-guide"><a class="anchor" href="getting-started.html#terminology-used-in-this-guide"></a>Terminology Used in This Guide</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>In order to talk about NiFi Registry, there are a few key terms that readers should be familiar with:</p>
+</div>
+<div class="paragraph">
+<p><strong>Flow</strong>: A process group level NiFi dataflow that has been placed under version control and saved to the Registry.</p>
+</div>
+<div class="paragraph">
+<p><strong>Bucket</strong>: A container that stores and organizes flows.</p>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="downloading-and-installing-nifi-registry"><a class="anchor" href="getting-started.html#downloading-and-installing-nifi-registry"></a>Downloading and Installing NiFi Registry</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>NiFi Registry can be downloaded from the <a href="https://nifi.apache.org/registry.html" target="_blank" rel="noopener">NiFi Registry Page</a>. There are two packaging options available: a tarball and a zip file. Supported operating systems include Linux, Unix and Mac OS X.</p>
+</div>
+<div class="paragraph">
+<p>For users who are not running OS X, after downloading NiFi Registry simply extract the archive to the location that you wish to run the application from. The registry is unsecured by default.</p>
+</div>
+<div class="paragraph">
+<p>For information on how to configure an instance of NiFi Registry (for example, to implement security or change the port that NiFi Registry is running on), see the <a href="administration-guide.html">System Administrator’s Guide</a>.</p>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="starting-nifi-registry"><a class="anchor" href="getting-started.html#starting-nifi-registry"></a>Starting NiFi Registry</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>Once NiFi Registry has been downloaded and installed as described above, it can be started by using the mechanism appropriate for your operating system.</p>
+</div>
+<div class="sect2">
+<h3 id="for-linuxunixmac-os-x-users"><a class="anchor" href="getting-started.html#for-linuxunixmac-os-x-users"></a>For Linux/Unix/Mac OS X users</h3>
+<div class="paragraph">
+<p>Use a Terminal window to navigate to the directory where NiFi Registry was installed. To run NiFi Registry in the foreground, run <code>bin/nifi-registry.sh run</code>. This will leave the application running until the user presses Ctrl-C. At that time, it will initiate shutdown of the application.</p>
+</div>
+<div class="paragraph">
+<p>To run NiFi Registry in the background, instead run <code>bin/nifi-registry.sh start</code>. This will initiate the application to begin running. To check the status and see if NiFi Registry is currently running, execute the command <code>bin/nifi-registry.sh status</code>.
+NiFi Registry can be shutdown by executing the command <code>bin/nifi-registry.sh stop</code>.</p>
+</div>
+</div>
+<div class="sect2">
+<h3 id="installing-as-a-service"><a class="anchor" href="getting-started.html#installing-as-a-service"></a>Installing as a Service</h3>
+<div class="paragraph">
+<p>To install the application as a service, navigate to the installation directory in a Terminal window and execute the command <code>bin/nifi-registry.sh install</code> to install the service with the default name <code>nifi-registry</code>. To specify a custom name for the service, execute the command with an optional second argument that is the name of the service. For example, to install NiFi Registry as a service with the name <code>flow-registry</code>, use the command <code>bin/ni [...]
+</div>
+<div class="paragraph">
+<p>Once installed, the service can be started and stopped using the appropriate commands, such as <code>sudo service nifi-registry start</code> and <code>sudo service nifi-registry stop</code>. Additionally, the running status can be checked via <code>sudo service nifi-registry status</code>.</p>
+</div>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="i-started-nifi-registry-now-what"><a class="anchor" href="getting-started.html#i-started-nifi-registry-now-what"></a>I Started NiFi Registry. Now What?</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>Now that NiFi Registry has been started, we can bring up the User Interface (UI). To get started, open a web browser and navigate to
+<a href="../../nifi-registry" target="_blank" rel="noopener"><code>http://localhost:18080/nifi-registry</code></a>. The port can be changed by editing the <code>nifi-registry.properties</code> file in the NiFi Registry <em>conf</em> directory, but the default port is <code>18080</code>.</p>
+</div>
+<div class="paragraph">
+<p>This will bring up the Registry UI, which at this point is empty as there are no flow resources available to share yet:</p>
+</div>
+<div class="paragraph">
+<p><span class="image"><img src="images/empty_registry.png" alt="Empty Registry"></span></p>
+</div>
+<div class="sect2">
+<h3 id="create-a-bucket"><a class="anchor" href="getting-started.html#create-a-bucket"></a>Create a Bucket</h3>
+<div class="paragraph">
+<p>A bucket is needed in our registry to store and organize NiFi dataflows. To create one, select the Settings icon (<span class="image"><img src="images/iconSettings.png" alt="Settings Icon"></span>)in the top right corner of the screen. In the Buckets window, select the "New Bucket" button.</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/new_test_bucket.png" alt="New Bucket">
+</div>
+</div>
+<div class="paragraph">
+<p>Enter the bucket name "Test" and select the "Create" button.</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/test_bucket_dialog.png" alt="Test Bucket Dialog">
+</div>
+</div>
+<div class="paragraph">
+<p>The "Test" bucket is created:</p>
+</div>
+<div class="paragraph">
+<p><span class="image"><img src="images/test_bucket.png" alt="Test Bucket"></span></p>
+</div>
+<div class="paragraph">
+<p>There are no permissions configured by default, so anyone is able to view, create and modify buckets in this instance. For information on securing the system, see the <a href="administration-guide.html">System Administrator’s Guide</a>.</p>
+</div>
+</div>
+<div class="sect2">
+<h3 id="connect-nifi-to-the-registry"><a class="anchor" href="getting-started.html#connect-nifi-to-the-registry"></a>Connect NiFi to the Registry</h3>
+<div class="paragraph">
+<p>Now it is time to tell NiFi about the local registry instance.</p>
+</div>
+<div class="paragraph">
+<p>Start a NiFi instance if one isn’t already running and bring up the UI. Go to controller settings from the top-right menu:</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/controller-settings-selection.png" alt="Global Menu - Controller Settings">
+</div>
+</div>
+<div class="paragraph">
+<p>Select the Registry Clients tab and add a new Registry Client giving it a name and the URL of <a href="http://localhost:18080" target="_blank" rel="noopener"><code>http://localhost:18080</code></a>:</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/local_registry.png" alt="Local Registry Client">
+</div>
+</div>
+</div>
+<div class="sect2">
+<h3 id="start-version-control-on-a-process-group"><a class="anchor" href="getting-started.html#start-version-control-on-a-process-group"></a>Start Version Control on a Process Group</h3>
+<div class="paragraph">
+<p>With NiFi connected to a NiFi Registry, dataflows can be version controlled on the <strong>process group level</strong>.</p>
+</div>
+<div class="paragraph">
+<p>Right-click on a process group and select "Version→Start version control" from the context menu:</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/ABCD_process_group_menu.png" alt="ABCD Process Group Menu">
+</div>
+</div>
+<div class="paragraph">
+<p>The local registry instance and "Test" bucket are chosen by default to store your flow since they are the only registry connected and bucket available. Enter a flow name, flow description, comments and select "Save":</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/save_ABCD_flow_dialog.png" alt="Initial Save of ABCD Flow">
+</div>
+</div>
+<div class="paragraph">
+<p>As indicated by the Version State icon (<span class="image"><img src="images/iconUpToDate.png" alt="Up To Date Icon"></span>) in the top left corner of the component, the process group is now saved as a versioned flow in the registry.</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/ABCD_flow_saved.png" alt="ABCD Flow Saved">
+</div>
+</div>
+<div class="paragraph">
+<p>Go back to the Registry UI and return to the main page to see
+the versioned flow you just saved (a refresh may be required):</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/ABCD_flow_in_test_bucket.png" alt="ABCD Flow in Test Bucket">
+</div>
+</div>
+</div>
+<div class="sect2">
+<h3 id="save-changes-to-a-versioned-flow"><a class="anchor" href="getting-started.html#save-changes-to-a-versioned-flow"></a>Save Changes to a Versioned Flow</h3>
+<div class="paragraph">
+<p>Changes made to the versioned process group can be reviewed, reverted or saved.</p>
+</div>
+<div class="paragraph">
+<p>For example, if changes are made to the ABCD flow, the Version State changes to "Locally modified" (<span class="image"><img src="images/iconLocallyModified.png" alt="Locally Modified Icon"></span>). The right-click menu will now show the options "Commit local changes", "Show local changes" or "Revert local changes":</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/changed_flow_options.png" alt="Changed Flow Options">
+</div>
+</div>
+<div class="paragraph">
+<p>Select "Show local changes" to see the details of the changes made:</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/ABCD_flow_changes.png" alt="Show ABCD Flow Changes">
+</div>
+</div>
+<div class="paragraph">
+<p>Select "Commit local changes", enter comments and select "Save" to save the changes:</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/ABCD_save_flow_version_2.png" alt="Save ABCD Version 2">
+</div>
+</div>
+<div class="paragraph">
+<p>Version 2 of the flow is saved:</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/ABCD_version_2.png" alt="ABCD Version 2">
+</div>
+</div>
+</div>
+<div class="sect2">
+<h3 id="import-a-versioned-flow"><a class="anchor" href="getting-started.html#import-a-versioned-flow"></a>Import a Versioned Flow</h3>
+<div class="paragraph">
+<p>With a flow existing in the registry, we can use it to illustrate how to import a versioned process group.</p>
+</div>
+<div class="paragraph">
+<p>In NiFi, select Process Group from the Components toolbar and drag it onto the canvas:</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/drag_process_group.png" alt="Drag Process Group">
+</div>
+</div>
+<div class="paragraph">
+<p>Instead of entering a name, click the Import link:</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/import_flow_from_registry.png" alt="Import Flow From Registry">
+</div>
+</div>
+<div class="paragraph">
+<p>Choose the version of the flow you want imported and select "Import":</p>
+</div>
+<div class="paragraph">
+<p><span class="image"><img src="images/import_ABCD_version_2.png" alt="Import ABCD Version 2"></span></p>
+</div>
+<div class="paragraph">
+<p>A second identical PG is now added:</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/two_ABCD_flows.png" alt="Two ABCD Flow on Canvas">
+</div>
+</div>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="where-to-go-for-more-information"><a class="anchor" href="getting-started.html#where-to-go-for-more-information"></a>Where To Go For More Information</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>In addition to this Getting Started Guide, more information about NiFi Registry and related features in NiFi can be found in the following guides:</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p><a href="user-guide.html">Apache NiFi Registry User Guide</a> - This guide provides information on how to navigate the Registry UI and explains in detail how to manage flows/policies/special privileges and configure users/groups when the Registry is secured.</p>
+</li>
+<li>
+<p><a href="administration-guide.html">Apache NiFi Registry System Administrator’s Guide</a> - A guide for setting up and administering Apache NiFi Registry. Topics covered include: system requirements, security configuration, user authentication, authorization, proxy configuration and details about the different system-level settings.</p>
+</li>
+<li>
+<p><a href="https://nifi.apache.org/docs/nifi-docs/html/user-guide.html" target="_blank" rel="noopener">Apache NiFi User Guide</a> - A fairly extensive guide that is often used more as a Reference Guide, as it provides information on each of the different components available in NiFi and explains how to use the different features provided by the application. It includes the section <a href="https://nifi.apache.org/docs/nifi-docs/html/user-guide.html#versioning_dataflow">"Versioning a Dat [...]
+</li>
+<li>
+<p><a href="https://cwiki.apache.org/confluence/display/NIFI/Contributor+Guide" target="_blank" rel="noopener">Contributor’s Guide</a> - A guide for explaining how to contribute work back to the Apache NiFi community so that others can make use of it.</p>
+</li>
+</ul>
+</div>
+<div class="paragraph">
+<p>In addition to the guides provided here, you can browse the different
+<a href="https://nifi.apache.org/mailing_lists.html" target="_blank" rel="noopener">NiFi Mailing Lists</a> or send an e-mail to one of the mailing lists at
+<a href="mailto:users@nifi.apache.org">users@nifi.apache.org</a> or
+<a href="mailto:dev@nifi.apache.org">dev@nifi.apache.org</a>.</p>
+</div>
+<div class="paragraph">
+<p>Many of the members of the NiFi community are also available on Twitter and actively monitor for tweets that mention @apachenifi.</p>
+</div>
+</div>
+</div>
+</div>
+<div id="footer">
+<div id="footer-text">
+Last updated 2022-06-13 16:50:03 -0700
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/docs/nifi-registry-docs/html/images/ABCD_flow_changes.png b/docs/nifi-registry-docs/html/images/ABCD_flow_changes.png
new file mode 100644
index 0000000..14b7d4d
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/ABCD_flow_changes.png differ
diff --git a/docs/nifi-registry-docs/html/images/ABCD_flow_in_test_bucket.png b/docs/nifi-registry-docs/html/images/ABCD_flow_in_test_bucket.png
new file mode 100644
index 0000000..da65abb
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/ABCD_flow_in_test_bucket.png differ
diff --git a/docs/nifi-registry-docs/html/images/ABCD_flow_saved.png b/docs/nifi-registry-docs/html/images/ABCD_flow_saved.png
new file mode 100644
index 0000000..3d1f714
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/ABCD_flow_saved.png differ
diff --git a/docs/nifi-registry-docs/html/images/ABCD_process_group_menu.png b/docs/nifi-registry-docs/html/images/ABCD_process_group_menu.png
new file mode 100644
index 0000000..ace96ca
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/ABCD_process_group_menu.png differ
diff --git a/docs/nifi-registry-docs/html/images/ABCD_save_flow_version_2.png b/docs/nifi-registry-docs/html/images/ABCD_save_flow_version_2.png
new file mode 100644
index 0000000..7f8c772
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/ABCD_save_flow_version_2.png differ
diff --git a/docs/nifi-registry-docs/html/images/ABCD_version_2.png b/docs/nifi-registry-docs/html/images/ABCD_version_2.png
new file mode 100644
index 0000000..870ed02
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/ABCD_version_2.png differ
diff --git a/docs/nifi-registry-docs/html/images/add_user_button.png b/docs/nifi-registry-docs/html/images/add_user_button.png
new file mode 100644
index 0000000..69b29fa
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/add_user_button.png differ
diff --git a/docs/nifi-registry-docs/html/images/add_user_dialog.png b/docs/nifi-registry-docs/html/images/add_user_dialog.png
new file mode 100644
index 0000000..0e1d6ea
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/add_user_dialog.png differ
diff --git a/docs/nifi-registry-docs/html/images/add_user_to_groups_dialog.png b/docs/nifi-registry-docs/html/images/add_user_to_groups_dialog.png
new file mode 100644
index 0000000..8890bbb
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/add_user_to_groups_dialog.png differ
diff --git a/docs/nifi-registry-docs/html/images/bucket_menu.png b/docs/nifi-registry-docs/html/images/bucket_menu.png
new file mode 100644
index 0000000..a67acf8
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/bucket_menu.png differ
diff --git a/docs/nifi-registry-docs/html/images/bucket_nav_allow_bundle_overwrite.png b/docs/nifi-registry-docs/html/images/bucket_nav_allow_bundle_overwrite.png
new file mode 100644
index 0000000..61cdb36
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/bucket_nav_allow_bundle_overwrite.png differ
diff --git a/docs/nifi-registry-docs/html/images/bucket_nav_make_public.png b/docs/nifi-registry-docs/html/images/bucket_nav_make_public.png
new file mode 100644
index 0000000..95a4589
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/bucket_nav_make_public.png differ
diff --git a/docs/nifi-registry-docs/html/images/bucket_nav_name_edit.png b/docs/nifi-registry-docs/html/images/bucket_nav_name_edit.png
new file mode 100644
index 0000000..249b37f
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/bucket_nav_name_edit.png differ
diff --git a/docs/nifi-registry-docs/html/images/buckets_filter_by_name.png b/docs/nifi-registry-docs/html/images/buckets_filter_by_name.png
new file mode 100644
index 0000000..ed1c65a
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/buckets_filter_by_name.png differ
diff --git a/docs/nifi-registry-docs/html/images/buckets_sort_by_name.png b/docs/nifi-registry-docs/html/images/buckets_sort_by_name.png
new file mode 100644
index 0000000..4d40f9a
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/buckets_sort_by_name.png differ
diff --git a/docs/nifi-registry-docs/html/images/changed_flow_options.png b/docs/nifi-registry-docs/html/images/changed_flow_options.png
new file mode 100644
index 0000000..88f6abb
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/changed_flow_options.png differ
diff --git a/docs/nifi-registry-docs/html/images/check_multiple_buckets.png b/docs/nifi-registry-docs/html/images/check_multiple_buckets.png
new file mode 100644
index 0000000..cf08d44
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/check_multiple_buckets.png differ
diff --git a/docs/nifi-registry-docs/html/images/check_multiple_users.png b/docs/nifi-registry-docs/html/images/check_multiple_users.png
new file mode 100644
index 0000000..230b5b6
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/check_multiple_users.png differ
diff --git a/docs/nifi-registry-docs/html/images/controller-settings-selection.png b/docs/nifi-registry-docs/html/images/controller-settings-selection.png
new file mode 100644
index 0000000..80dca40
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/controller-settings-selection.png differ
diff --git a/docs/nifi-registry-docs/html/images/create_new_group.png b/docs/nifi-registry-docs/html/images/create_new_group.png
new file mode 100644
index 0000000..288c588
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/create_new_group.png differ
diff --git a/docs/nifi-registry-docs/html/images/create_new_group_dialog.png b/docs/nifi-registry-docs/html/images/create_new_group_dialog.png
new file mode 100644
index 0000000..f29fc9f
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/create_new_group_dialog.png differ
diff --git a/docs/nifi-registry-docs/html/images/delete_bucket_dialog.png b/docs/nifi-registry-docs/html/images/delete_bucket_dialog.png
new file mode 100644
index 0000000..7e43135
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/delete_bucket_dialog.png differ
diff --git a/docs/nifi-registry-docs/html/images/delete_bucket_policy.png b/docs/nifi-registry-docs/html/images/delete_bucket_policy.png
new file mode 100644
index 0000000..1238f8d
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/delete_bucket_policy.png differ
diff --git a/docs/nifi-registry-docs/html/images/delete_bucket_policy_dialog.png b/docs/nifi-registry-docs/html/images/delete_bucket_policy_dialog.png
new file mode 100644
index 0000000..6b6e237
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/delete_bucket_policy_dialog.png differ
diff --git a/docs/nifi-registry-docs/html/images/delete_bucket_single.png b/docs/nifi-registry-docs/html/images/delete_bucket_single.png
new file mode 100644
index 0000000..9fc4a2a
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/delete_bucket_single.png differ
diff --git a/docs/nifi-registry-docs/html/images/delete_buckets_dialog.png b/docs/nifi-registry-docs/html/images/delete_buckets_dialog.png
new file mode 100644
index 0000000..cc55a83
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/delete_buckets_dialog.png differ
diff --git a/docs/nifi-registry-docs/html/images/delete_multiple_buckets.png b/docs/nifi-registry-docs/html/images/delete_multiple_buckets.png
new file mode 100644
index 0000000..8b5f9b2
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/delete_multiple_buckets.png differ
diff --git a/docs/nifi-registry-docs/html/images/delete_multiple_users.png b/docs/nifi-registry-docs/html/images/delete_multiple_users.png
new file mode 100644
index 0000000..31f4ad2
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/delete_multiple_users.png differ
diff --git a/docs/nifi-registry-docs/html/images/delete_user_dialog.png b/docs/nifi-registry-docs/html/images/delete_user_dialog.png
new file mode 100644
index 0000000..35f2253
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/delete_user_dialog.png differ
diff --git a/docs/nifi-registry-docs/html/images/delete_user_single.png b/docs/nifi-registry-docs/html/images/delete_user_single.png
new file mode 100644
index 0000000..82599e4
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/delete_user_single.png differ
diff --git a/docs/nifi-registry-docs/html/images/delete_users_groups_dialog.png b/docs/nifi-registry-docs/html/images/delete_users_groups_dialog.png
new file mode 100644
index 0000000..0c00989
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/delete_users_groups_dialog.png differ
diff --git a/docs/nifi-registry-docs/html/images/drag_process_group.png b/docs/nifi-registry-docs/html/images/drag_process_group.png
new file mode 100644
index 0000000..d187616
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/drag_process_group.png differ
diff --git a/docs/nifi-registry-docs/html/images/empty_registry.png b/docs/nifi-registry-docs/html/images/empty_registry.png
new file mode 100644
index 0000000..e2959ae
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/empty_registry.png differ
diff --git a/docs/nifi-registry-docs/html/images/export_version.png b/docs/nifi-registry-docs/html/images/export_version.png
new file mode 100644
index 0000000..d6aa3c0
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/export_version.png differ
diff --git a/docs/nifi-registry-docs/html/images/export_version_action.png b/docs/nifi-registry-docs/html/images/export_version_action.png
new file mode 100644
index 0000000..7dc03cf
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/export_version_action.png differ
diff --git a/docs/nifi-registry-docs/html/images/flow_change_log.png b/docs/nifi-registry-docs/html/images/flow_change_log.png
new file mode 100644
index 0000000..15fa5c7
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/flow_change_log.png differ
diff --git a/docs/nifi-registry-docs/html/images/flow_delete_action.png b/docs/nifi-registry-docs/html/images/flow_delete_action.png
new file mode 100644
index 0000000..acee68c
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/flow_delete_action.png differ
diff --git a/docs/nifi-registry-docs/html/images/flow_delete_confirm.png b/docs/nifi-registry-docs/html/images/flow_delete_confirm.png
new file mode 100644
index 0000000..6010bb6
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/flow_delete_confirm.png differ
diff --git a/docs/nifi-registry-docs/html/images/flows_all.png b/docs/nifi-registry-docs/html/images/flows_all.png
new file mode 100644
index 0000000..b189b71
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/flows_all.png differ
diff --git a/docs/nifi-registry-docs/html/images/flows_filter_by_name.png b/docs/nifi-registry-docs/html/images/flows_filter_by_name.png
new file mode 100644
index 0000000..aea9307
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/flows_filter_by_name.png differ
diff --git a/docs/nifi-registry-docs/html/images/flows_sort_menu.png b/docs/nifi-registry-docs/html/images/flows_sort_menu.png
new file mode 100644
index 0000000..d8b9f0c
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/flows_sort_menu.png differ
diff --git a/docs/nifi-registry-docs/html/images/group_added.png b/docs/nifi-registry-docs/html/images/group_added.png
new file mode 100644
index 0000000..7627f6e
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/group_added.png differ
diff --git a/docs/nifi-registry-docs/html/images/iconDelete.png b/docs/nifi-registry-docs/html/images/iconDelete.png
new file mode 100644
index 0000000..cf4d048
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/iconDelete.png differ
diff --git a/docs/nifi-registry-docs/html/images/iconHelp.png b/docs/nifi-registry-docs/html/images/iconHelp.png
new file mode 100644
index 0000000..601ec42
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/iconHelp.png differ
diff --git a/docs/nifi-registry-docs/html/images/iconLocallyModified.png b/docs/nifi-registry-docs/html/images/iconLocallyModified.png
new file mode 100644
index 0000000..4f72251
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/iconLocallyModified.png differ
diff --git a/docs/nifi-registry-docs/html/images/iconManage.png b/docs/nifi-registry-docs/html/images/iconManage.png
new file mode 100644
index 0000000..d70dedf
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/iconManage.png differ
diff --git a/docs/nifi-registry-docs/html/images/iconSettings.png b/docs/nifi-registry-docs/html/images/iconSettings.png
new file mode 100644
index 0000000..693255c
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/iconSettings.png differ
diff --git a/docs/nifi-registry-docs/html/images/iconUpToDate.png b/docs/nifi-registry-docs/html/images/iconUpToDate.png
new file mode 100644
index 0000000..78e52eb
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/iconUpToDate.png differ
diff --git a/docs/nifi-registry-docs/html/images/import_ABCD_version_2.png b/docs/nifi-registry-docs/html/images/import_ABCD_version_2.png
new file mode 100644
index 0000000..fa88678
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/import_ABCD_version_2.png differ
diff --git a/docs/nifi-registry-docs/html/images/import_flow_from_registry.png b/docs/nifi-registry-docs/html/images/import_flow_from_registry.png
new file mode 100644
index 0000000..c2fa67a
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/import_flow_from_registry.png differ
diff --git a/docs/nifi-registry-docs/html/images/import_new_flow.png b/docs/nifi-registry-docs/html/images/import_new_flow.png
new file mode 100644
index 0000000..43d4880
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/import_new_flow.png differ
diff --git a/docs/nifi-registry-docs/html/images/import_new_flow_button.png b/docs/nifi-registry-docs/html/images/import_new_flow_button.png
new file mode 100644
index 0000000..8b4bb2a
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/import_new_flow_button.png differ
diff --git a/docs/nifi-registry-docs/html/images/import_new_version.png b/docs/nifi-registry-docs/html/images/import_new_version.png
new file mode 100644
index 0000000..81b2070
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/import_new_version.png differ
diff --git a/docs/nifi-registry-docs/html/images/import_new_version_action.png b/docs/nifi-registry-docs/html/images/import_new_version_action.png
new file mode 100644
index 0000000..8cfbe85
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/import_new_version_action.png differ
diff --git a/docs/nifi-registry-docs/html/images/local_registry.png b/docs/nifi-registry-docs/html/images/local_registry.png
new file mode 100644
index 0000000..047dd71
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/local_registry.png differ
diff --git a/docs/nifi-registry-docs/html/images/loginRegistry.png b/docs/nifi-registry-docs/html/images/loginRegistry.png
new file mode 100644
index 0000000..9fa3f9d
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/loginRegistry.png differ
diff --git a/docs/nifi-registry-docs/html/images/manage_bucket.png b/docs/nifi-registry-docs/html/images/manage_bucket.png
new file mode 100644
index 0000000..e2159da
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/manage_bucket.png differ
diff --git a/docs/nifi-registry-docs/html/images/manage_user.png b/docs/nifi-registry-docs/html/images/manage_user.png
new file mode 100644
index 0000000..d8174c0
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/manage_user.png differ
diff --git a/docs/nifi-registry-docs/html/images/new_bucket_button.png b/docs/nifi-registry-docs/html/images/new_bucket_button.png
new file mode 100644
index 0000000..147d5d0
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/new_bucket_button.png differ
diff --git a/docs/nifi-registry-docs/html/images/new_bucket_dialog.png b/docs/nifi-registry-docs/html/images/new_bucket_dialog.png
new file mode 100644
index 0000000..ac0a41e
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/new_bucket_dialog.png differ
diff --git a/docs/nifi-registry-docs/html/images/new_bucket_policy_added.png b/docs/nifi-registry-docs/html/images/new_bucket_policy_added.png
new file mode 100644
index 0000000..578ffd3
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/new_bucket_policy_added.png differ
diff --git a/docs/nifi-registry-docs/html/images/new_bucket_policy_create.png b/docs/nifi-registry-docs/html/images/new_bucket_policy_create.png
new file mode 100644
index 0000000..9a6aedd
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/new_bucket_policy_create.png differ
diff --git a/docs/nifi-registry-docs/html/images/new_bucket_policy_user_permission.png b/docs/nifi-registry-docs/html/images/new_bucket_policy_user_permission.png
new file mode 100644
index 0000000..3367009
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/new_bucket_policy_user_permission.png differ
diff --git a/docs/nifi-registry-docs/html/images/new_test_bucket.png b/docs/nifi-registry-docs/html/images/new_test_bucket.png
new file mode 100644
index 0000000..26aa4b1
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/new_test_bucket.png differ
diff --git a/docs/nifi-registry-docs/html/images/nifi-registry-components.png b/docs/nifi-registry-docs/html/images/nifi-registry-components.png
new file mode 100644
index 0000000..2225ab6
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/nifi-registry-components.png differ
diff --git a/docs/nifi-registry-docs/html/images/remove_group_from_user.png b/docs/nifi-registry-docs/html/images/remove_group_from_user.png
new file mode 100644
index 0000000..c1ccef3
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/remove_group_from_user.png differ
diff --git a/docs/nifi-registry-docs/html/images/remove_user_from_group.png b/docs/nifi-registry-docs/html/images/remove_user_from_group.png
new file mode 100644
index 0000000..2270cae
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/remove_user_from_group.png differ
diff --git a/docs/nifi-registry-docs/html/images/save_ABCD_flow_dialog.png b/docs/nifi-registry-docs/html/images/save_ABCD_flow_dialog.png
new file mode 100644
index 0000000..0c20d2e
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/save_ABCD_flow_dialog.png differ
diff --git a/docs/nifi-registry-docs/html/images/select_users_create_new_group.png b/docs/nifi-registry-docs/html/images/select_users_create_new_group.png
new file mode 100644
index 0000000..36f8dd6
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/select_users_create_new_group.png differ
diff --git a/docs/nifi-registry-docs/html/images/select_users_create_new_group_dialog.png b/docs/nifi-registry-docs/html/images/select_users_create_new_group_dialog.png
new file mode 100644
index 0000000..33f9142
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/select_users_create_new_group_dialog.png differ
diff --git a/docs/nifi-registry-docs/html/images/select_users_new_group_added.png b/docs/nifi-registry-docs/html/images/select_users_new_group_added.png
new file mode 100644
index 0000000..b9dc4b4
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/select_users_new_group_added.png differ
diff --git a/docs/nifi-registry-docs/html/images/test_bucket.png b/docs/nifi-registry-docs/html/images/test_bucket.png
new file mode 100644
index 0000000..bfccd63
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/test_bucket.png differ
diff --git a/docs/nifi-registry-docs/html/images/test_bucket_dialog.png b/docs/nifi-registry-docs/html/images/test_bucket_dialog.png
new file mode 100644
index 0000000..0250717
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/test_bucket_dialog.png differ
diff --git a/docs/nifi-registry-docs/html/images/two_ABCD_flows.png b/docs/nifi-registry-docs/html/images/two_ABCD_flows.png
new file mode 100644
index 0000000..afec033
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/two_ABCD_flows.png differ
diff --git a/docs/nifi-registry-docs/html/images/user_nav_add_to_group.png b/docs/nifi-registry-docs/html/images/user_nav_add_to_group.png
new file mode 100644
index 0000000..6c95898
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/user_nav_add_to_group.png differ
diff --git a/docs/nifi-registry-docs/html/images/user_nav_name_edit.png b/docs/nifi-registry-docs/html/images/user_nav_name_edit.png
new file mode 100644
index 0000000..006300b
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/user_nav_name_edit.png differ
diff --git a/docs/nifi-registry-docs/html/images/user_special_privileges.png b/docs/nifi-registry-docs/html/images/user_special_privileges.png
new file mode 100644
index 0000000..2bf6410
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/user_special_privileges.png differ
diff --git a/docs/nifi-registry-docs/html/images/users_filter_by_name.png b/docs/nifi-registry-docs/html/images/users_filter_by_name.png
new file mode 100644
index 0000000..7b994a3
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/users_filter_by_name.png differ
diff --git a/docs/nifi-registry-docs/html/images/users_non_configurable.png b/docs/nifi-registry-docs/html/images/users_non_configurable.png
new file mode 100644
index 0000000..f2500a1
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/users_non_configurable.png differ
diff --git a/docs/nifi-registry-docs/html/images/users_sort_by_name.png b/docs/nifi-registry-docs/html/images/users_sort_by_name.png
new file mode 100644
index 0000000..4548813
Binary files /dev/null and b/docs/nifi-registry-docs/html/images/users_sort_by_name.png differ
diff --git a/docs/nifi-registry-docs/html/user-guide.html b/docs/nifi-registry-docs/html/user-guide.html
new file mode 100644
index 0000000..79704b4
--- /dev/null
+++ b/docs/nifi-registry-docs/html/user-guide.html
@@ -0,0 +1,1658 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8">
+<!--[if IE]><meta http-equiv="X-UA-Compatible" content="IE=edge"><![endif]-->
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<meta name="generator" content="Asciidoctor 1.5.8">
+<meta name="author" content="Apache NiFi Team">
+<title>Apache NiFi Registry User Guide</title>
+<style>
+/* Asciidoctor default stylesheet | MIT License | https://asciidoctor.org */
+/* Copyright (C) 2012-2015 Dan Allen, Ryan Waldron and the Asciidoctor Project
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE. */
+/* Remove the comments around the @import statement below when using this as a custom stylesheet */
+@import "https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic%7CNoto+Serif:400,400italic,700,700italic%7CDroid+Sans+Mono:400";
+article,aside,details,figcaption,figure,footer,header,hgroup,main,nav,section,summary{display:block}
+audio,canvas,video{display:inline-block}
+audio:not([controls]){display:none;height:0}
+[hidden],template{display:none}
+script{display:none!important}
+html{font-family:sans-serif;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}
+body{margin:0}
+a{background:transparent}
+a:focus{outline:thin dotted}
+a:active,a:hover{outline:0}
+h1{font-size:2em;margin:.67em 0}
+abbr[title]{border-bottom:1px dotted}
+b,strong{font-weight:bold}
+dfn{font-style:italic}
+hr{-moz-box-sizing:content-box;box-sizing:content-box;height:0}
+mark{background:#ff0;color:#000}
+code,kbd,pre,samp{font-family:monospace;font-size:1em}
+pre{white-space:pre-wrap}
+q{quotes:"\201C" "\201D" "\2018" "\2019"}
+small{font-size:80%}
+sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline}
+sup{top:-.5em}
+sub{bottom:-.25em}
+img{border:0}
+svg:not(:root){overflow:hidden}
+figure{margin:0}
+fieldset{border:1px solid silver;margin:0 2px;padding:.35em .625em .75em}
+legend{border:0;padding:0}
+button,input,select,textarea{font-family:inherit;font-size:100%;margin:0}
+button,input{line-height:normal}
+button,select{text-transform:none}
+button,html input[type="button"],input[type="reset"],input[type="submit"]{-webkit-appearance:button;cursor:pointer}
+button[disabled],html input[disabled]{cursor:default}
+input[type="checkbox"],input[type="radio"]{box-sizing:border-box;padding:0}
+input[type="search"]{-webkit-appearance:textfield;-moz-box-sizing:content-box;-webkit-box-sizing:content-box;box-sizing:content-box}
+input[type="search"]::-webkit-search-cancel-button,input[type="search"]::-webkit-search-decoration{-webkit-appearance:none}
+button::-moz-focus-inner,input::-moz-focus-inner{border:0;padding:0}
+textarea{overflow:auto;vertical-align:top}
+table{border-collapse:collapse;border-spacing:0}
+*,*:before,*:after{-moz-box-sizing:border-box;-webkit-box-sizing:border-box;box-sizing:border-box}
+html,body{font-size:100%}
+body{background:#fff;color:rgba(0,0,0,.8);padding:0;margin:0;font-family:"Noto Serif","DejaVu Serif",serif;font-weight:400;font-style:normal;line-height:1;position:relative;cursor:auto}
+a:hover{cursor:pointer}
+img,object,embed{max-width:100%;height:auto}
+object,embed{height:100%}
+img{-ms-interpolation-mode:bicubic}
+#map_canvas img,#map_canvas embed,#map_canvas object,.map_canvas img,.map_canvas embed,.map_canvas object{max-width:none!important}
+.left{float:left!important}
+.right{float:right!important}
+.text-left{text-align:left!important}
+.text-right{text-align:right!important}
+.text-center{text-align:center!important}
+.text-justify{text-align:justify!important}
+.hide{display:none}
+.antialiased,body{-webkit-font-smoothing:antialiased}
+img{display:inline-block;vertical-align:middle}
+textarea{height:auto;min-height:50px}
+select{width:100%}
+p.lead,.paragraph.lead>p,#preamble>.sectionbody>.paragraph:first-of-type p{font-size:1.21875em;line-height:1.6}
+.subheader,.admonitionblock td.content>.title,.audioblock>.title,.exampleblock>.title,.imageblock>.title,.listingblock>.title,.literalblock>.title,.stemblock>.title,.openblock>.title,.paragraph>.title,.quoteblock>.title,table.tableblock>.title,.verseblock>.title,.videoblock>.title,.dlist>.title,.olist>.title,.ulist>.title,.qlist>.title,.hdlist>.title{line-height:1.45;color:#7a2518;font-weight:400;margin-top:0;margin-bottom:.25em}
+div,dl,dt,dd,ul,ol,li,h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6,pre,form,p,blockquote,th,td{margin:0;padding:0;direction:ltr}
+a{color:#2156a5;text-decoration:underline;line-height:inherit}
+a:hover,a:focus{color:#1d4b8f}
+a img{border:none}
+p{font-family:inherit;font-weight:400;font-size:1em;line-height:1.6;margin-bottom:1.25em;text-rendering:optimizeLegibility}
+p aside{font-size:.875em;line-height:1.35;font-style:italic}
+h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6{font-family:"Open Sans","DejaVu Sans",sans-serif;font-weight:300;font-style:normal;color:#ba3925;text-rendering:optimizeLegibility;margin-top:1em;margin-bottom:.5em;line-height:1.0125em}
+h1 small,h2 small,h3 small,#toctitle small,.sidebarblock>.content>.title small,h4 small,h5 small,h6 small{font-size:60%;color:#e99b8f;line-height:0}
+h1{font-size:2.125em}
+h2{font-size:1.6875em}
+h3,#toctitle,.sidebarblock>.content>.title{font-size:1.375em}
+h4,h5{font-size:1.125em}
+h6{font-size:1em}
+hr{border:solid #ddddd8;border-width:1px 0 0;clear:both;margin:1.25em 0 1.1875em;height:0}
+em,i{font-style:italic;line-height:inherit}
+strong,b{font-weight:bold;line-height:inherit}
+small{font-size:60%;line-height:inherit}
+code{font-family:"Droid Sans Mono","DejaVu Sans Mono",monospace;font-weight:400;color:rgba(0,0,0,.9);padding-right: 1px;}
+ul,ol,dl{font-size:1em;line-height:1.6;margin-bottom:1.25em;list-style-position:outside;font-family:inherit}
+ul,ol,ul.no-bullet,ol.no-bullet{margin-left:1.5em}
+ul li ul,ul li ol{margin-left:1.25em;margin-bottom:0;font-size:1em}
+ul.square li ul,ul.circle li ul,ul.disc li ul{list-style:inherit}
+ul.square{list-style-type:square}
+ul.circle{list-style-type:circle}
+ul.disc{list-style-type:disc}
+ul.no-bullet{list-style:none}
+ol li ul,ol li ol{margin-left:1.25em;margin-bottom:0}
+dl dt{margin-bottom:.3125em;font-weight:bold}
+dl dd{margin-bottom:1.25em}
+abbr,acronym{text-transform:uppercase;font-size:90%;color:rgba(0,0,0,.8);border-bottom:1px dotted #ddd;cursor:help}
+abbr{text-transform:none}
+blockquote{margin:0 0 1.25em;padding:.5625em 1.25em 0 1.1875em;border-left:1px solid #ddd}
+blockquote cite{display:block;font-size:.9375em;color:rgba(0,0,0,.6)}
+blockquote cite:before{content:"\2014 \0020"}
+blockquote cite a,blockquote cite a:visited{color:rgba(0,0,0,.6)}
+blockquote,blockquote p{line-height:1.6;color:rgba(0,0,0,.85)}
+@media only screen and (min-width:768px){h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6{line-height:1.2}
+h1{font-size:2.75em}
+h2{font-size:2.3125em}
+h3,#toctitle,.sidebarblock>.content>.title{font-size:1.6875em}
+h4{font-size:1.4375em}}table{background:#fff;margin-bottom:1.25em;border:solid 1px #dedede}
+table thead,table tfoot{background:#f7f8f7;font-weight:bold}
+table thead tr th,table thead tr td,table tfoot tr th,table tfoot tr td{padding:.5em .625em .625em;font-size:inherit;color:rgba(0,0,0,.8);text-align:left}
+table tr th,table tr td{padding:.5625em .625em;font-size:inherit;color:rgba(0,0,0,.8)}
+table tr.even,table tr.alt,table tr:nth-of-type(even){background:#f8f8f7}
+table thead tr th,table tfoot tr th,table tbody tr td,table tr td,table tfoot tr td{display:table-cell;line-height:1.6}
+h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6{line-height:1.2;word-spacing:-.05em}
+h1 strong,h2 strong,h3 strong,#toctitle strong,.sidebarblock>.content>.title strong,h4 strong,h5 strong,h6 strong{font-weight:400}
+.clearfix:before,.clearfix:after,.float-group:before,.float-group:after{content:" ";display:table}
+.clearfix:after,.float-group:after{clear:both}
+*:not(pre)>code{font-size:.9375em;font-style:normal!important;letter-spacing:0;word-spacing:-.15em;background-color:#f7f7f8;-webkit-border-radius:4px;border-radius:4px;line-height:1.45;text-rendering:optimizeSpeed}
+pre,pre>code{line-height:1.45;color:rgba(0,0,0,.9);font-family:"Droid Sans Mono","DejaVu Sans Mono",monospace;font-weight:400;text-rendering:optimizeSpeed}
+.keyseq{color:rgba(51,51,51,.8)}
+kbd{display:inline-block;color:rgba(0,0,0,.8);font-size:.75em;line-height:1.4;background-color:#f7f7f7;border:1px solid #ccc;-webkit-border-radius:3px;border-radius:3px;-webkit-box-shadow:0 1px 0 rgba(0,0,0,.2),0 0 0 .1em white inset;box-shadow:0 1px 0 rgba(0,0,0,.2),0 0 0 .1em #fff inset;margin:-.15em .15em 0 .15em;padding:.2em .6em .2em .5em;vertical-align:middle;white-space:nowrap}
+.keyseq kbd:first-child{margin-left:0}
+.keyseq kbd:last-child{margin-right:0}
+.menuseq,.menu{color:rgba(0,0,0,.8)}
+b.button:before,b.button:after{position:relative;top:-1px;font-weight:400}
+b.button:before{content:"[";padding:0 3px 0 2px}
+b.button:after{content:"]";padding:0 2px 0 3px}
+p a>code:hover{color:rgba(0,0,0,.9)}
+#header,#content,#footnotes,#footer{width:100%;margin-left:auto;margin-right:auto;margin-top:0;margin-bottom:0;max-width:62.5em;*zoom:1;position:relative;padding-left:.9375em;padding-right:.9375em}
+#header:before,#header:after,#content:before,#content:after,#footnotes:before,#footnotes:after,#footer:before,#footer:after{content:" ";display:table}
+#header:after,#content:after,#footnotes:after,#footer:after{clear:both}
+#content{margin-top:1.25em}
+#content:before{content:none}
+#header>h1:first-child{color:rgba(0,0,0,.85);margin-top:2.25rem;margin-bottom:0}
+#header>h1:first-child+#toc{margin-top:8px;border-top:1px solid #ddddd8}
+#header>h1:only-child,body.toc2 #header>h1:nth-last-child(2){border-bottom:1px solid #ddddd8;padding-bottom:8px}
+#header .details{border-bottom:1px solid #ddddd8;line-height:1.45;padding-top:.25em;padding-bottom:.25em;padding-left:.25em;color:rgba(0,0,0,.6);display:-ms-flexbox;display:-webkit-flex;display:flex;-ms-flex-flow:row wrap;-webkit-flex-flow:row wrap;flex-flow:row wrap}
+#header .details span:first-child{margin-left:-.125em}
+#header .details span.email a{color:rgba(0,0,0,.85)}
+#header .details br{display:none}
+#header .details br+span:before{content:"\00a0\2013\00a0"}
+#header .details br+span.author:before{content:"\00a0\22c5\00a0";color:rgba(0,0,0,.85)}
+#header .details br+span#revremark:before{content:"\00a0|\00a0"}
+#header #revnumber{text-transform:capitalize}
+#header #revnumber:after{content:"\00a0"}
+#content>h1:first-child:not([class]){color:rgba(0,0,0,.85);border-bottom:1px solid #ddddd8;padding-bottom:8px;margin-top:0;padding-top:1rem;margin-bottom:1.25rem}
+#toc{border-bottom:1px solid #efefed;padding-bottom:.5em}
+#toc>ul{margin-left:.125em}
+#toc ul.sectlevel0>li>a{font-style:italic}
+#toc ul.sectlevel0 ul.sectlevel1{margin:.5em 0}
+#toc ul{font-family:"Open Sans","DejaVu Sans",sans-serif;list-style-type:none}
+#toc a{text-decoration:none}
+#toc a:active{text-decoration:underline}
+#toctitle{color:#7a2518;font-size:1.2em}
+@media only screen and (min-width:768px){#toctitle{font-size:1.375em}
+body.toc2{padding-left:15em;padding-right:0}
+#toc.toc2{margin-top:0!important;background-color:#f8f8f7;position:fixed;width:15em;left:0;top:0;border-right:1px solid #efefed;border-top-width:0!important;border-bottom-width:0!important;z-index:1000;padding:1.25em 1em;height:100%;overflow:auto}
+#toc.toc2 #toctitle{margin-top:0;font-size:1.2em}
+#toc.toc2>ul{font-size:.9em;margin-bottom:0}
+#toc.toc2 ul ul{margin-left:0;padding-left:1em}
+#toc.toc2 ul.sectlevel0 ul.sectlevel1{padding-left:0;margin-top:.5em;margin-bottom:.5em}
+body.toc2.toc-right{padding-left:0;padding-right:15em}
+body.toc2.toc-right #toc.toc2{border-right-width:0;border-left:1px solid #efefed;left:auto;right:0}}@media only screen and (min-width:1280px){body.toc2{padding-left:20em;padding-right:0}
+#toc.toc2{width:20em}
+#toc.toc2 #toctitle{font-size:1.375em}
+#toc.toc2>ul{font-size:.95em}
+#toc.toc2 ul ul{padding-left:1.25em}
+body.toc2.toc-right{padding-left:0;padding-right:20em}}#content #toc{border-style:solid;border-width:1px;border-color:#e0e0dc;margin-bottom:1.25em;padding:1.25em;background:#f8f8f7;-webkit-border-radius:4px;border-radius:4px}
+#content #toc>:first-child{margin-top:0}
+#content #toc>:last-child{margin-bottom:0}
+#footer{max-width:100%;background-color:rgba(0,0,0,.8);padding:1.25em}
+#footer-text{color:rgba(255,255,255,.8);line-height:1.44}
+.sect1{padding-bottom:.625em}
+@media only screen and (min-width:768px){.sect1{padding-bottom:1.25em}}.sect1+.sect1{border-top:1px solid #efefed}
+#content h1>a.anchor,h2>a.anchor,h3>a.anchor,#toctitle>a.anchor,.sidebarblock>.content>.title>a.anchor,h4>a.anchor,h5>a.anchor,h6>a.anchor{position:absolute;z-index:1001;width:1.5ex;margin-left:-1.5ex;display:block;text-decoration:none!important;visibility:hidden;text-align:center;font-weight:400}
+#content h1>a.anchor:before,h2>a.anchor:before,h3>a.anchor:before,#toctitle>a.anchor:before,.sidebarblock>.content>.title>a.anchor:before,h4>a.anchor:before,h5>a.anchor:before,h6>a.anchor:before{content:"\00A7";font-size:.85em;display:block;padding-top:.1em}
+#content h1:hover>a.anchor,#content h1>a.anchor:hover,h2:hover>a.anchor,h2>a.anchor:hover,h3:hover>a.anchor,#toctitle:hover>a.anchor,.sidebarblock>.content>.title:hover>a.anchor,h3>a.anchor:hover,#toctitle>a.anchor:hover,.sidebarblock>.content>.title>a.anchor:hover,h4:hover>a.anchor,h4>a.anchor:hover,h5:hover>a.anchor,h5>a.anchor:hover,h6:hover>a.anchor,h6>a.anchor:hover{visibility:visible}
+#content h1>a.link,h2>a.link,h3>a.link,#toctitle>a.link,.sidebarblock>.content>.title>a.link,h4>a.link,h5>a.link,h6>a.link{color:#ba3925;text-decoration:none}
+#content h1>a.link:hover,h2>a.link:hover,h3>a.link:hover,#toctitle>a.link:hover,.sidebarblock>.content>.title>a.link:hover,h4>a.link:hover,h5>a.link:hover,h6>a.link:hover{color:#a53221}
+.audioblock,.imageblock,.literalblock,.listingblock,.stemblock,.videoblock{margin-bottom:1.25em}
+.admonitionblock td.content>.title,.audioblock>.title,.exampleblock>.title,.imageblock>.title,.listingblock>.title,.literalblock>.title,.stemblock>.title,.openblock>.title,.paragraph>.title,.quoteblock>.title,table.tableblock>.title,.verseblock>.title,.videoblock>.title,.dlist>.title,.olist>.title,.ulist>.title,.qlist>.title,.hdlist>.title{text-rendering:optimizeLegibility;text-align:left;font-family:"Noto Serif","DejaVu Serif",serif;font-size:1rem;font-style:italic}
+table.tableblock>caption.title{white-space:nowrap;overflow:visible;max-width:0}
+.paragraph.lead>p,#preamble>.sectionbody>.paragraph:first-of-type p{color:rgba(0,0,0,.85)}
+table.tableblock #preamble>.sectionbody>.paragraph:first-of-type p{font-size:inherit}
+.admonitionblock>table{border-collapse:separate;border:0;background:none;width:100%}
+.admonitionblock>table td.icon{text-align:center;width:80px}
+.admonitionblock>table td.icon img{max-width:none}
+.admonitionblock>table td.icon .title{font-weight:bold;font-family:"Open Sans","DejaVu Sans",sans-serif;text-transform:uppercase}
+.admonitionblock>table td.content{padding-left:1.125em;padding-right:1.25em;border-left:1px solid #ddddd8;color:rgba(0,0,0,.6)}
+.admonitionblock>table td.content>:last-child>:last-child{margin-bottom:0}
+.exampleblock>.content{border-style:solid;border-width:1px;border-color:#e6e6e6;margin-bottom:1.25em;padding:1.25em;background:#fff;-webkit-border-radius:4px;border-radius:4px}
+.exampleblock>.content>:first-child{margin-top:0}
+.exampleblock>.content>:last-child{margin-bottom:0}
+.sidebarblock{border-style:solid;border-width:1px;border-color:#e0e0dc;margin-bottom:1.25em;padding:1.25em;background:#f8f8f7;-webkit-border-radius:4px;border-radius:4px}
+.sidebarblock>:first-child{margin-top:0}
+.sidebarblock>:last-child{margin-bottom:0}
+.sidebarblock>.content>.title{color:#7a2518;margin-top:0;text-align:center}
+.exampleblock>.content>:last-child>:last-child,.exampleblock>.content .olist>ol>li:last-child>:last-child,.exampleblock>.content .ulist>ul>li:last-child>:last-child,.exampleblock>.content .qlist>ol>li:last-child>:last-child,.sidebarblock>.content>:last-child>:last-child,.sidebarblock>.content .olist>ol>li:last-child>:last-child,.sidebarblock>.content .ulist>ul>li:last-child>:last-child,.sidebarblock>.content .qlist>ol>li:last-child>:last-child{margin-bottom:0}
+.literalblock pre,.listingblock pre:not(.highlight),.listingblock pre[class="highlight"],.listingblock pre[class^="highlight "],.listingblock pre.CodeRay,.listingblock pre.prettyprint{background:#f7f7f8}
+.sidebarblock .literalblock pre,.sidebarblock .listingblock pre:not(.highlight),.sidebarblock .listingblock pre[class="highlight"],.sidebarblock .listingblock pre[class^="highlight "],.sidebarblock .listingblock pre.CodeRay,.sidebarblock .listingblock pre.prettyprint{background:#f2f1f1}
+.literalblock pre,.literalblock pre[class],.listingblock pre,.listingblock pre[class]{-webkit-border-radius:4px;border-radius:4px;word-wrap:break-word;padding:1em;font-size:.8125em}
+.literalblock pre.nowrap,.literalblock pre[class].nowrap,.listingblock pre.nowrap,.listingblock pre[class].nowrap{overflow-x:auto;white-space:pre;word-wrap:normal}
+@media only screen and (min-width:768px){.literalblock pre,.literalblock pre[class],.listingblock pre,.listingblock pre[class]{font-size:.90625em}}@media only screen and (min-width:1280px){.literalblock pre,.literalblock pre[class],.listingblock pre,.listingblock pre[class]{font-size:1em}}.literalblock.output pre{color:#f7f7f8;background-color:rgba(0,0,0,.9)}
+.listingblock pre.highlightjs{padding:0}
+.listingblock pre.highlightjs>code{padding:1em;-webkit-border-radius:4px;border-radius:4px}
+.listingblock pre.prettyprint{border-width:0}
+.listingblock>.content{position:relative}
+.listingblock code[data-lang]:before{display:none;content:attr(data-lang);position:absolute;font-size:.75em;top:.425rem;right:.5rem;line-height:1;text-transform:uppercase;color:#999}
+.listingblock:hover code[data-lang]:before{display:block}
+.listingblock.terminal pre .command:before{content:attr(data-prompt);padding-right:.5em;color:#999}
+.listingblock.terminal pre .command:not([data-prompt]):before{content:"$"}
+table.pyhltable{border-collapse:separate;border:0;margin-bottom:0;background:none}
+table.pyhltable td{vertical-align:top;padding-top:0;padding-bottom:0}
+table.pyhltable td.code{padding-left:.75em;padding-right:0}
+pre.pygments .lineno,table.pyhltable td:not(.code){color:#999;padding-left:0;padding-right:.5em;border-right:1px solid #ddddd8}
+pre.pygments .lineno{display:inline-block;margin-right:.25em}
+table.pyhltable .linenodiv{background:none!important;padding-right:0!important}
+.quoteblock{margin:0 1em 1.25em 1.5em;display:table}
+.quoteblock>.title{margin-left:-1.5em;margin-bottom:.75em}
+.quoteblock blockquote,.quoteblock blockquote p{color:rgba(0,0,0,.85);font-size:1.15rem;line-height:1.75;word-spacing:.1em;letter-spacing:0;font-style:italic;text-align:justify}
+.quoteblock blockquote{margin:0;padding:0;border:0}
+.quoteblock blockquote:before{content:"\201c";float:left;font-size:2.75em;font-weight:bold;line-height:.6em;margin-left:-.6em;color:#7a2518;text-shadow:0 1px 2px rgba(0,0,0,.1)}
+.quoteblock blockquote>.paragraph:last-child p{margin-bottom:0}
+.quoteblock .attribution{margin-top:.5em;margin-right:.5ex;text-align:right}
+.quoteblock .quoteblock{margin-left:0;margin-right:0;padding:.5em 0;border-left:3px solid rgba(0,0,0,.6)}
+.quoteblock .quoteblock blockquote{padding:0 0 0 .75em}
+.quoteblock .quoteblock blockquote:before{display:none}
+.verseblock{margin:0 1em 1.25em 1em}
+.verseblock pre{font-family:"Open Sans","DejaVu Sans",sans;font-size:1.15rem;color:rgba(0,0,0,.85);font-weight:300;text-rendering:optimizeLegibility}
+.verseblock pre strong{font-weight:400}
+.verseblock .attribution{margin-top:1.25rem;margin-left:.5ex}
+.quoteblock .attribution,.verseblock .attribution{font-size:.9375em;line-height:1.45;font-style:italic}
+.quoteblock .attribution br,.verseblock .attribution br{display:none}
+.quoteblock .attribution cite,.verseblock .attribution cite{display:block;letter-spacing:-.05em;color:rgba(0,0,0,.6)}
+.quoteblock.abstract{margin:0 0 1.25em 0;display:block}
+.quoteblock.abstract blockquote,.quoteblock.abstract blockquote p{text-align:left;word-spacing:0}
+.quoteblock.abstract blockquote:before,.quoteblock.abstract blockquote p:first-of-type:before{display:none}
+table.tableblock{max-width:100%;border-collapse:separate}
+table.tableblock td>.paragraph:last-child p>p:last-child,table.tableblock th>p:last-child,table.tableblock td>p:last-child{margin-bottom:0}
+table.spread{width:100%}
+table.tableblock,th.tableblock,td.tableblock{border:0 solid #dedede}
+table.grid-all th.tableblock,table.grid-all td.tableblock{border-width:0 1px 1px 0}
+table.grid-all tfoot>tr>th.tableblock,table.grid-all tfoot>tr>td.tableblock{border-width:1px 1px 0 0}
+table.grid-cols th.tableblock,table.grid-cols td.tableblock{border-width:0 1px 0 0}
+table.grid-all *>tr>.tableblock:last-child,table.grid-cols *>tr>.tableblock:last-child{border-right-width:0}
+table.grid-rows th.tableblock,table.grid-rows td.tableblock{border-width:0 0 1px 0}
+table.grid-all tbody>tr:last-child>th.tableblock,table.grid-all tbody>tr:last-child>td.tableblock,table.grid-all thead:last-child>tr>th.tableblock,table.grid-rows tbody>tr:last-child>th.tableblock,table.grid-rows tbody>tr:last-child>td.tableblock,table.grid-rows thead:last-child>tr>th.tableblock{border-bottom-width:0}
+table.grid-rows tfoot>tr>th.tableblock,table.grid-rows tfoot>tr>td.tableblock{border-width:1px 0 0 0}
+table.frame-all{border-width:1px}
+table.frame-sides{border-width:0 1px}
+table.frame-topbot{border-width:1px 0}
+th.halign-left,td.halign-left{text-align:left}
+th.halign-right,td.halign-right{text-align:right}
+th.halign-center,td.halign-center{text-align:center}
+th.valign-top,td.valign-top{vertical-align:top}
+th.valign-bottom,td.valign-bottom{vertical-align:bottom}
+th.valign-middle,td.valign-middle{vertical-align:middle}
+table thead th,table tfoot th{font-weight:bold}
+tbody tr th{display:table-cell;line-height:1.6;background:#f7f8f7}
+tbody tr th,tbody tr th p,tfoot tr th,tfoot tr th p{color:rgba(0,0,0,.8);font-weight:bold}
+p.tableblock>code:only-child{background:none;padding:0}
+p.tableblock{font-size:1em}
+td>div.verse{white-space:pre}
+ol{margin-left:1.75em}
+ul li ol{margin-left:1.5em}
+dl dd{margin-left:1.125em}
+dl dd:last-child,dl dd:last-child>:last-child{margin-bottom:0}
+ol>li p,ul>li p,ul dd,ol dd,.olist .olist,.ulist .ulist,.ulist .olist,.olist .ulist{margin-bottom:.625em}
+ul.unstyled,ol.unnumbered,ul.checklist,ul.none{list-style-type:none}
+ul.unstyled,ol.unnumbered,ul.checklist{margin-left:.625em}
+ul.checklist li>p:first-child>.fa-square-o:first-child,ul.checklist li>p:first-child>.fa-check-square-o:first-child{width:1em;font-size:.85em}
+ul.checklist li>p:first-child>input[type="checkbox"]:first-child{width:1em;position:relative;top:1px}
+ul.inline{margin:0 auto .625em auto;margin-left:-1.375em;margin-right:0;padding:0;list-style:none;overflow:hidden}
+ul.inline>li{list-style:none;float:left;margin-left:1.375em;display:block}
+ul.inline>li>*{display:block}
+.unstyled dl dt{font-weight:400;font-style:normal}
+ol.arabic{list-style-type:decimal}
+ol.decimal{list-style-type:decimal-leading-zero}
+ol.loweralpha{list-style-type:lower-alpha}
+ol.upperalpha{list-style-type:upper-alpha}
+ol.lowerroman{list-style-type:lower-roman}
+ol.upperroman{list-style-type:upper-roman}
+ol.lowergreek{list-style-type:lower-greek}
+.hdlist>table,.colist>table{border:0;background:none}
+.hdlist>table>tbody>tr,.colist>table>tbody>tr{background:none}
+td.hdlist1{padding-right:.75em;font-weight:bold}
+td.hdlist1,td.hdlist2{vertical-align:top}
+.literalblock+.colist,.listingblock+.colist{margin-top:-.5em}
+.colist>table tr>td:first-of-type{padding:0 .75em;line-height:1}
+.colist>table tr>td:last-of-type{padding:.25em 0}
+.thumb,.th{line-height:0;display:inline-block;border:solid 4px #fff;-webkit-box-shadow:0 0 0 1px #ddd;box-shadow:0 0 0 1px #ddd}
+.imageblock.left,.imageblock[style*="float: left"]{margin:.25em .625em 1.25em 0}
+.imageblock.right,.imageblock[style*="float: right"]{margin:.25em 0 1.25em .625em}
+.imageblock>.title{margin-bottom:0}
+.imageblock.thumb,.imageblock.th{border-width:6px}
+.imageblock.thumb>.title,.imageblock.th>.title{padding:0 .125em}
+.image.left,.image.right{margin-top:.25em;margin-bottom:.25em;display:inline-block;line-height:0}
+.image.left{margin-right:.625em}
+.image.right{margin-left:.625em}
+a.image{text-decoration:none}
+span.footnote,span.footnoteref{vertical-align:super;font-size:.875em}
+span.footnote a,span.footnoteref a{text-decoration:none}
+span.footnote a:active,span.footnoteref a:active{text-decoration:underline}
+#footnotes{padding-top:.75em;padding-bottom:.75em;margin-bottom:.625em}
+#footnotes hr{width:20%;min-width:6.25em;margin:-.25em 0 .75em 0;border-width:1px 0 0 0}
+#footnotes .footnote{padding:0 .375em;line-height:1.3;font-size:.875em;margin-left:1.2em;text-indent:-1.2em;margin-bottom:.2em}
+#footnotes .footnote a:first-of-type{font-weight:bold;text-decoration:none}
+#footnotes .footnote:last-of-type{margin-bottom:0}
+#content #footnotes{margin-top:-.625em;margin-bottom:0;padding:.75em 0}
+.gist .file-data>table{border:0;background:#fff;width:100%;margin-bottom:0}
+.gist .file-data>table td.line-data{width:99%}
+div.unbreakable{page-break-inside:avoid}
+.big{font-size:larger}
+.small{font-size:smaller}
+.underline{text-decoration:underline}
+.overline{text-decoration:overline}
+.line-through{text-decoration:line-through}
+.aqua{color:#00bfbf}
+.aqua-background{background-color:#00fafa}
+.black{color:#000}
+.black-background{background-color:#000}
+.blue{color:#0000bf}
+.blue-background{background-color:#0000fa}
+.fuchsia{color:#bf00bf}
+.fuchsia-background{background-color:#fa00fa}
+.gray{color:#606060}
+.gray-background{background-color:#7d7d7d}
+.green{color:#006000}
+.green-background{background-color:#007d00}
+.lime{color:#00bf00}
+.lime-background{background-color:#00fa00}
+.maroon{color:#600000}
+.maroon-background{background-color:#7d0000}
+.navy{color:#000060}
+.navy-background{background-color:#00007d}
+.olive{color:#606000}
+.olive-background{background-color:#7d7d00}
+.purple{color:#600060}
+.purple-background{background-color:#7d007d}
+.red{color:#bf0000}
+.red-background{background-color:#fa0000}
+.silver{color:#909090}
+.silver-background{background-color:#bcbcbc}
+.teal{color:#006060}
+.teal-background{background-color:#007d7d}
+.white{color:#bfbfbf}
+.white-background{background-color:#fafafa}
+.yellow{color:#bfbf00}
+.yellow-background{background-color:#fafa00}
+span.icon>.fa{cursor:default}
+.admonitionblock td.icon [class^="fa icon-"]{font-size:2.5em;text-shadow:1px 1px 2px rgba(0,0,0,.5);cursor:default}
+.admonitionblock td.icon .icon-note:before{content:"\f05a";color:#19407c}
+.admonitionblock td.icon .icon-tip:before{content:"\f0eb";text-shadow:1px 1px 2px rgba(155,155,0,.8);color:#111}
+.admonitionblock td.icon .icon-warning:before{content:"\f071";color:#bf6900}
+.admonitionblock td.icon .icon-caution:before{content:"\f06d";color:#bf3400}
+.admonitionblock td.icon .icon-important:before{content:"\f06a";color:#bf0000}
+.conum[data-value]{display:inline-block;color:#fff!important;background-color:rgba(0,0,0,.8);-webkit-border-radius:100px;border-radius:100px;text-align:center;font-size:.75em;width:1.67em;height:1.67em;line-height:1.67em;font-family:"Open Sans","DejaVu Sans",sans-serif;font-style:normal;font-weight:bold}
+.conum[data-value] *{color:#fff!important}
+.conum[data-value]+b{display:none}
+.conum[data-value]:after{content:attr(data-value)}
+pre .conum[data-value]{position:relative;top:-.125em}
+b.conum *{color:inherit!important}
+.conum:not([data-value]):empty{display:none}
+h1,h2{letter-spacing:-.01em}
+dt,th.tableblock,td.content{text-rendering:optimizeLegibility}
+p,td.content{letter-spacing:-.01em}
+p strong,td.content strong{letter-spacing:-.005em}
+p,blockquote,dt,td.content{font-size:1.0625rem}
+p{margin-bottom:1.25rem}
+.sidebarblock p,.sidebarblock dt,.sidebarblock td.content,p.tableblock{font-size:1em}
+.exampleblock>.content{background-color:#fffef7;border-color:#e0e0dc;-webkit-box-shadow:0 1px 4px #e0e0dc;box-shadow:0 1px 4px #e0e0dc}
+.print-only{display:none!important}
+@media print{@page{margin:1.25cm .75cm}
+*{-webkit-box-shadow:none!important;box-shadow:none!important;text-shadow:none!important}
+a{color:inherit!important;text-decoration:underline!important}
+a.bare,a[href^="#"],a[href^="mailto:"]{text-decoration:none!important}
+a[href^="http:"]:not(.bare):after,a[href^="https:"]:not(.bare):after{content:"(" attr(href) ")";display:inline-block;font-size:.875em;padding-left:.25em}
+abbr[title]:after{content:" (" attr(title) ")"}
+pre,blockquote,tr,img{page-break-inside:avoid}
+thead{display:table-header-group}
+img{max-width:100%!important}
+p,blockquote,dt,td.content{font-size:1em;orphans:3;widows:3}
+h2,h3,#toctitle,.sidebarblock>.content>.title{page-break-after:avoid}
+#toc,.sidebarblock,.exampleblock>.content{background:none!important}
+#toc{border-bottom:1px solid #ddddd8!important;padding-bottom:0!important}
+.sect1{padding-bottom:0!important}
+.sect1+.sect1{border:0!important}
+#header>h1:first-child{margin-top:1.25rem}
+body.book #header{text-align:center}
+body.book #header>h1:first-child{border:0!important;margin:2.5em 0 1em 0}
+body.book #header .details{border:0!important;display:block;padding:0!important}
+body.book #header .details span:first-child{margin-left:0!important}
+body.book #header .details br{display:block}
+body.book #header .details br+span:before{content:none!important}
+body.book #toc{border:0!important;text-align:left!important;padding:0!important;margin:0!important}
+body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-break-before:always}
+.listingblock code[data-lang]:before{display:block}
+#footer{background:none!important;padding:0 .9375em}
+#footer-text{color:rgba(0,0,0,.6)!important;font-size:.9em}
+.hide-on-print{display:none!important}
+.print-only{display:block!important}
+.hide-for-print{display:none!important}
+.show-for-print{display:inherit!important}}
+</style>
+<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
+</head>
+<body class="article">
+<div id="header">
+<h1>Apache NiFi Registry User Guide</h1>
+<div class="details">
+<span id="author" class="author">Apache NiFi Team</span><br>
+<span id="email" class="email"><a href="mailto:dev@nifi.apache.org">dev@nifi.apache.org</a></span><br>
+</div>
+<div id="toc" class="toc">
+<div id="toctitle">Table of Contents</div>
+<ul class="sectlevel1">
+<li><a href="user-guide.html#introduction">Introduction</a></li>
+<li><a href="user-guide.html#browser-support">Browser Support</a>
+<ul class="sectlevel2">
+<li><a href="user-guide.html#unsupported-browsers">Unsupported Browsers</a></li>
+<li><a href="user-guide.html#viewing-the-ui-in-variably-sized-browsers">Viewing the UI in Variably Sized Browsers</a></li>
+</ul>
+</li>
+<li><a href="user-guide.html#terminology">Terminology</a></li>
+<li><a href="user-guide.html#User_Interface">NiFi Registry User Interface</a></li>
+<li><a href="user-guide.html#logging-in">Logging In</a></li>
+<li><a href="user-guide.html#manage-flows">Manage Flows</a>
+<ul class="sectlevel2">
+<li><a href="user-guide.html#view-a-flow">View a Flow</a></li>
+<li><a href="user-guide.html#import-a-flow">Import a Flow</a></li>
+<li><a href="user-guide.html#import-new-version-of-a-flow">Import New Version of a Flow</a></li>
+<li><a href="user-guide.html#export-a-flow-version">Export a Flow Version</a></li>
+<li><a href="user-guide.html#delete-a-flow">Delete a Flow</a></li>
+</ul>
+</li>
+<li><a href="user-guide.html#manage-buckets">Manage Buckets</a>
+<ul class="sectlevel2">
+<li><a href="user-guide.html#sorting-filtering-buckets">Sorting & Filtering Buckets</a></li>
+<li><a href="user-guide.html#create-a-bucket">Create a Bucket</a></li>
+<li><a href="user-guide.html#delete-a-bucket">Delete a Bucket</a></li>
+<li><a href="user-guide.html#delete-multiple-buckets">Delete Multiple Buckets</a></li>
+<li><a href="user-guide.html#edit-a-bucket-name">Edit a Bucket Name</a></li>
+<li><a href="user-guide.html#make-a-bucket-publicly-visible">Make a Bucket Publicly Visible</a></li>
+<li><a href="user-guide.html#allow-bundles-in-a-bucket-to-be-overwritten">Allow Bundles in a Bucket to be Overwritten</a></li>
+<li><a href="user-guide.html#bucket_policies">Bucket Policies</a></li>
+</ul>
+</li>
+<li><a href="user-guide.html#manage-users-groups">Manage Users & Groups</a>
+<ul class="sectlevel2">
+<li><a href="user-guide.html#sorting-filtering-usersgroups">Sorting & Filtering Users/Groups</a></li>
+<li><a href="user-guide.html#add-a-user">Add a User</a></li>
+<li><a href="user-guide.html#delete-a-user">Delete a User</a></li>
+<li><a href="user-guide.html#delete-multiple-users">Delete Multiple Users</a></li>
+<li><a href="user-guide.html#edit-a-user-name">Edit a User Name</a></li>
+<li><a href="user-guide.html#special-privileges">Special Privileges</a></li>
+</ul>
+</li>
+<li><a href="user-guide.html#manage-groups">Manage Groups</a>
+<ul class="sectlevel2">
+<li><a href="user-guide.html#add-an-empty-group">Add an Empty Group</a></li>
+<li><a href="user-guide.html#add-user-to-a-group">Add User to a Group</a></li>
+<li><a href="user-guide.html#create-a-new-group-with-selected-users">Create a New Group with Selected Users</a></li>
+<li><a href="user-guide.html#remove-a-user-from-a-group">Remove a User from a Group</a></li>
+<li><a href="user-guide.html#other-group-level-actions">Other Group Level Actions</a></li>
+</ul>
+</li>
+<li><a href="user-guide.html#manage_bundles">Manage Bundles</a>
+<ul class="sectlevel2">
+<li><a href="user-guide.html#upload-bundle">Upload Bundle</a></li>
+<li><a href="user-guide.html#download-bundle">Download Bundle</a></li>
+<li><a href="user-guide.html#additional-actions">Additional Actions</a></li>
+</ul>
+</li>
+</ul>
+</div>
+</div>
+<div id="content">
+<div class="sect1">
+<h2 id="introduction"><a class="anchor" href="user-guide.html#introduction"></a>Introduction</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>Apache NiFi Registry—a subproject of Apache NiFi—is a complementary application that provides a central location for storage and management of shared resources across one or more instances of NiFi and/or MiNiFi.</p>
+</div>
+<div class="paragraph">
+<p>The first implementation of the Registry supports versioned flows. Process group level dataflows created in NiFi can be placed under version control and stored in a registry. The registry organizes where flows are stored and manages the permissions to access, create, modify or delete them.</p>
+</div>
+<div class="paragraph">
+<p>See the <a href="administration-guide.html">System Administrator’s Guide</a> for information about Registry system requirements, installation, and configuration. Once NiFi Registry is installed, use a supported web browser to view the UI.</p>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="browser-support"><a class="anchor" href="user-guide.html#browser-support"></a>Browser Support</h2>
+<div class="sectionbody">
+<table class="tableblock frame-all grid-all stretch">
+<colgroup>
+<col style="width: 50%;">
+<col style="width: 50%;">
+</colgroup>
+<thead>
+<tr>
+<th class="tableblock halign-left valign-top">Browser</th>
+<th class="tableblock halign-left valign-top">Version</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Chrome</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Current and Current - 1</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">FireFox</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Current and Current - 1</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Safari</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Current and Current - 1</p></td>
+</tr>
+</tbody>
+</table>
+<div class="paragraph">
+<p>Current and Current - 1 indicates that the UI is supported in the current stable release of that browser and the preceding one. For instance, if the current stable release is 62.X then the officially supported versions will be 62.X and 61.X.</p>
+</div>
+<div class="paragraph">
+<p>For Safari, which releases major versions much less frequently, Current and Current - 1 simply represent the two latest releases.</p>
+</div>
+<div class="paragraph">
+<p>The supported browser versions are driven by the capabilities the UI employs and the dependencies it uses. UI features will be developed and tested against the supported browsers. Any problem using a supported browser should be reported to Apache NiFi.</p>
+</div>
+<div class="sect2">
+<h3 id="unsupported-browsers"><a class="anchor" href="user-guide.html#unsupported-browsers"></a>Unsupported Browsers</h3>
+<div class="paragraph">
+<p>While the UI may run successfully in unsupported browsers, it is not actively tested against them. Additionally, the UI is designed as a desktop experience and is not currently supported in mobile browsers.</p>
+</div>
+</div>
+<div class="sect2">
+<h3 id="viewing-the-ui-in-variably-sized-browsers"><a class="anchor" href="user-guide.html#viewing-the-ui-in-variably-sized-browsers"></a>Viewing the UI in Variably Sized Browsers</h3>
+<div class="paragraph">
+<p>In most environments, all of the UI is visible in your browser. However, the UI has a responsive design that allows you to scroll through screens as needed, in smaller sized browsers or tablet environments.</p>
+</div>
+<div class="admonitionblock note">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-note" title="Note"></i>
+</td>
+<td class="content">
+The minimum recommended screen size is 1080px X 445px.
+</td>
+</tr>
+</table>
+</div>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="terminology"><a class="anchor" href="user-guide.html#terminology"></a>Terminology</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p><strong>Flow</strong>: A process group level NiFi dataflow that has been placed under version control and saved to the Registry.</p>
+</div>
+<div class="paragraph">
+<p><strong>Bundle</strong>: A binary artifact containing one or more extensions that can be run in NiFi or MiNiFi.</p>
+</div>
+<div class="paragraph">
+<p><strong>Bucket</strong>: A container that stores and organizes versioned items, such as flows and bundles.</p>
+</div>
+<div class="paragraph">
+<p><strong>Policy</strong>: Defines a user or group’s ability to perform a given action.</p>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="User_Interface"><a class="anchor" href="user-guide.html#User_Interface"></a>NiFi Registry User Interface</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>The NiFi Registry UI displays the shared resources available and provides mechanisms for creating and administering users/groups, buckets and policies.</p>
+</div>
+<div class="paragraph">
+<p>When the application is started, the user is able to navigate to the UI by going to the default address of <code><a href="http://<hostname>:18080/nifi-registry" class="bare">http://<hostname>:18080/nifi-registry</a></code> in a web browser. There are no permissions configured by default, so anyone is able to view and modify the flows and buckets. For information on securing the system, see the <a href="administration-guide.html">System Administrator’s Guide</a>.</p>
+</div>
+<div class="paragraph">
+<p>When an administrator navigates to the UI for the first time, the registry is empty as there are no flow resources available to share yet:</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/nifi-registry-components.png" alt="NiFi Registry Components">
+</div>
+</div>
+<div class="paragraph">
+<p>The Buckets menu is available at the top left of the screen. It allows the user to display flows based on which bucket they are contained in. On the top right of the screen is the Settings button (<span class="image"><img src="images/iconSettings.png" alt="Settings Icon"></span>) which accesses functionality for managing users, groups, buckets and policies. Next to the Settings button is the Help button (<span class="image"><img src="images/iconHelp.png" alt="Help Icon"></span>) wh [...]
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="logging-in"><a class="anchor" href="user-guide.html#logging-in"></a>Logging In</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>If NiFi Registry is configured to run securely, users will have to be granted permissions to buckets by an administrator. For information on configuring NiFi Registry to run securely, see the <a href="administration-guide.html">System Administrator’s Guide</a>.</p>
+</div>
+<div class="paragraph">
+<p>If the user is logging in with their username/password they will be presented with a screen to do so.</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/loginRegistry.png" alt="NiFi Registry Login">
+</div>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="manage-flows"><a class="anchor" href="user-guide.html#manage-flows"></a>Manage Flows</h2>
+<div class="sectionbody">
+<div class="sect2">
+<h3 id="view-a-flow"><a class="anchor" href="user-guide.html#view-a-flow"></a>View a Flow</h3>
+<div class="paragraph">
+<p>Flows in all buckets are listed in the main window of the UI by default. If the registry is secured, only the flows in the buckets that the user has access to are listed.</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/flows_all.png" alt="All Flows">
+</div>
+</div>
+<div class="paragraph">
+<p>To see the flows in a particular bucket, select that bucket from the drop-down menu at the top left of the UI.</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/bucket_menu.png" alt="Bucket Menu">
+</div>
+</div>
+<div class="paragraph">
+<p>Click on a flow to see its Bucket Identifier, Flow Identifier, Description and Change Log:</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/flow_change_log.png" alt="Flow Change Log">
+</div>
+</div>
+<div class="paragraph">
+<p>The Change Log includes all versions that were saved for a flow. Clicking on the version reveals details about when the version was saved, which user committed the save, and any comments entered by the user.</p>
+</div>
+<div class="sect3">
+<h4 id="sorting-filtering-flows"><a class="anchor" href="user-guide.html#sorting-filtering-flows"></a>Sorting & Filtering Flows</h4>
+<div class="paragraph">
+<p>Flows can be sorted alphabetically by Name (ascending or descending), by Update (newest or oldest) or by Type (ascending or descending) using the Sort By drop-down.</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/flows_sort_menu.png" alt="Flows Sort Menu">
+</div>
+</div>
+<div class="paragraph">
+<p>The flow list can be filtered by:</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p>flow name</p>
+</li>
+<li>
+<p>flow description</p>
+</li>
+<li>
+<p>flow ID</p>
+</li>
+<li>
+<p>bucket name</p>
+</li>
+<li>
+<p>bucket ID</p>
+</li>
+<li>
+<p>type</p>
+</li>
+</ul>
+</div>
+<div class="paragraph">
+<p>Here is an example filtering by flow name:</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/flows_filter_by_name.png" alt="Flows Filter By Name">
+</div>
+</div>
+</div>
+</div>
+<div class="sect2">
+<h3 id="import-a-flow"><a class="anchor" href="user-guide.html#import-a-flow"></a>Import a Flow</h3>
+<div class="paragraph">
+<p>To import a flow into the registry:</p>
+</div>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>Click on the "Import New Flow" button. A bucket must exist for this button to be visible.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/import_new_flow_button.png" alt="Import New Flow button">
+</div>
+</div>
+</li>
+<li>
+<p>Enter a unique flow name and a flow description if desired.</p>
+</li>
+<li>
+<p>Select the destination bucket.</p>
+</li>
+<li>
+<p>Drop or select a flow definition file.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/import_new_flow.png" alt="Import New Flow dialog">
+</div>
+</div>
+</li>
+<li>
+<p>Select "Import".</p>
+</li>
+</ol>
+</div>
+</div>
+<div class="sect2">
+<h3 id="import-new-version-of-a-flow"><a class="anchor" href="user-guide.html#import-new-version-of-a-flow"></a>Import New Version of a Flow</h3>
+<div class="paragraph">
+<p>To import a new version of a flow:</p>
+</div>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>Click on the flow to see its details.</p>
+</li>
+<li>
+<p>Select the "Actions" drop-down and click the "Import new flow" menu option.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/import_new_version_action.png" alt="Import New Version Action">
+</div>
+</div>
+</li>
+<li>
+<p>Drop or select a flow definition file.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/import_new_version.png" alt="Import New Version dialog">
+</div>
+</div>
+</li>
+<li>
+<p>Select "Import".</p>
+</li>
+</ol>
+</div>
+</div>
+<div class="sect2">
+<h3 id="export-a-flow-version"><a class="anchor" href="user-guide.html#export-a-flow-version"></a>Export a Flow Version</h3>
+<div class="paragraph">
+<p>To export a version of a flow:</p>
+</div>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>Click on the flow to see its details.</p>
+</li>
+<li>
+<p>Select the "Actions" drop-down and click the "Export version" menu option.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/export_version_action.png" alt="Export Version Action">
+</div>
+</div>
+</li>
+<li>
+<p>Choose the version of the flow to export. By default, the latest version is selected.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/export_version.png" alt="Export Version dialog">
+</div>
+</div>
+</li>
+<li>
+<p>Select "Export".</p>
+</li>
+</ol>
+</div>
+</div>
+<div class="sect2">
+<h3 id="delete-a-flow"><a class="anchor" href="user-guide.html#delete-a-flow"></a>Delete a Flow</h3>
+<div class="paragraph">
+<p>To delete a flow from the registry:</p>
+</div>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>Click on the flow to see its details.</p>
+</li>
+<li>
+<p>Select the "Actions" drop-down and click the "Delete flow" menu option.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/flow_delete_action.png" alt="Flow Delete Action">
+</div>
+</div>
+</li>
+<li>
+<p>Select "Delete" to confirm.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/flow_delete_confirm.png" alt="Flow Delete Confirm">
+</div>
+</div>
+</li>
+</ol>
+</div>
+<div class="admonitionblock warning">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-warning" title="Warning"></i>
+</td>
+<td class="content">
+It is possible to delete a flow that is actively being used in NiFi.
+</td>
+</tr>
+</table>
+</div>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="manage-buckets"><a class="anchor" href="user-guide.html#manage-buckets"></a>Manage Buckets</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>To manage buckets, enter the Administration section of the Registry by clicking the Settings button (<span class="image"><img src="images/iconSettings.png" alt="Settings Icon"></span>) on the top right of the UI. The Buckets window appears by default.</p>
+</div>
+<div class="sect2">
+<h3 id="sorting-filtering-buckets"><a class="anchor" href="user-guide.html#sorting-filtering-buckets"></a>Sorting & Filtering Buckets</h3>
+<div class="paragraph">
+<p>Buckets can be sorted alphabetically by Name (ascending or descending) using the up/down arrows.</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/buckets_sort_by_name.png" alt="Buckets Sort By Name">
+</div>
+</div>
+<div class="paragraph">
+<p>The buckets listed can be filtered by:</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p>bucket name</p>
+</li>
+<li>
+<p>bucket description</p>
+</li>
+<li>
+<p>bucket ID</p>
+</li>
+</ul>
+</div>
+<div class="paragraph">
+<p>Here is an example filtering by bucket name:</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/buckets_filter_by_name.png" alt="Buckets Filter By Name">
+</div>
+</div>
+</div>
+<div class="sect2">
+<h3 id="create-a-bucket"><a class="anchor" href="user-guide.html#create-a-bucket"></a>Create a Bucket</h3>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>Select the "New Bucket" button.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/new_bucket_button.png" alt="New Bucket Button">
+</div>
+</div>
+</li>
+<li>
+<p>Enter the desired bucket name and select the "Create" button.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/new_bucket_dialog.png" alt="New Bucket Dialog">
+</div>
+</div>
+</li>
+</ol>
+</div>
+<div class="admonitionblock note">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-note" title="Note"></i>
+</td>
+<td class="content">
+Check "Make publicly available" to allow read access to items in the bucket by unauthenticated users. This will override any specific <a href="user-guide.html#bucket_policies">bucket policies</a> granting read access.
+</td>
+</tr>
+</table>
+</div>
+<div class="admonitionblock note">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-note" title="Note"></i>
+</td>
+<td class="content">
+To quickly create multiple buckets, check "Keep this dialog open after creating bucket".
+</td>
+</tr>
+</table>
+</div>
+</div>
+<div class="sect2">
+<h3 id="delete-a-bucket"><a class="anchor" href="user-guide.html#delete-a-bucket"></a>Delete a Bucket</h3>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>Select the Delete button (<span class="image"><img src="images/iconDelete.png" alt="Delete Icon"></span>) in the row of the bucket.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/delete_bucket_single.png" alt="Delete Single Bucket">
+</div>
+</div>
+</li>
+<li>
+<p>From the Delete Bucket dialog, select "Delete".</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/delete_bucket_dialog.png" alt="Delete Bucket Dialog">
+</div>
+</div>
+</li>
+</ol>
+</div>
+</div>
+<div class="sect2">
+<h3 id="delete-multiple-buckets"><a class="anchor" href="user-guide.html#delete-multiple-buckets"></a>Delete Multiple Buckets</h3>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>Select the checkboxes in the rows of the desired buckets to delete.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/check_multiple_buckets.png" alt="Check Multiple Buckets">
+</div>
+</div>
+</li>
+<li>
+<p>Select the "Actions" drop-down and click the "Delete" option.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/delete_multiple_buckets.png" alt="Delete Multiple Buckets">
+</div>
+</div>
+</li>
+<li>
+<p>From the Delete Buckets dialog, select "Delete".</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/delete_buckets_dialog.png" alt="Delete Buckets Dialog">
+</div>
+</div>
+</li>
+</ol>
+</div>
+</div>
+<div class="sect2">
+<h3 id="edit-a-bucket-name"><a class="anchor" href="user-guide.html#edit-a-bucket-name"></a>Edit a Bucket Name</h3>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>Select the Manage button (<span class="image"><img src="images/iconManage.png" alt="Manage Icon"></span>) in the row of the bucket.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/manage_bucket.png" alt="Manage Bucket">
+</div>
+</div>
+</li>
+<li>
+<p>Enter a new name for the bucket and select the "Save" button.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/bucket_nav_name_edit.png" alt="Edit Bucket Name">
+</div>
+</div>
+</li>
+</ol>
+</div>
+</div>
+<div class="sect2">
+<h3 id="make-a-bucket-publicly-visible"><a class="anchor" href="user-guide.html#make-a-bucket-publicly-visible"></a>Make a Bucket Publicly Visible</h3>
+<div class="paragraph">
+<p>To allow read access to items in a bucket by unauthenticated users, select the "Make publicly visible" checkbox.</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/bucket_nav_make_public.png" alt="Make Bucket Public">
+</div>
+</div>
+<div class="paragraph">
+<p>This setting will override any specific policies granting read access to the bucket.</p>
+</div>
+</div>
+<div class="sect2">
+<h3 id="allow-bundles-in-a-bucket-to-be-overwritten"><a class="anchor" href="user-guide.html#allow-bundles-in-a-bucket-to-be-overwritten"></a>Allow Bundles in a Bucket to be Overwritten</h3>
+<div class="paragraph">
+<p>To allow released bundles in a bucket to be overwritten, select the "Allow bundle overwrite" checkbox.</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/bucket_nav_allow_bundle_overwrite.png" alt="Allow Bundle Overwrite">
+</div>
+</div>
+<div class="paragraph">
+<p>Currently, the only supported bundle type is a <a href="https://nifi.apache.org/docs/nifi-docs/html/developer-guide.html#nars">NiFi Archive (NAR)</a>. By default, buckets do not allow the re-release of released NARs. This setting explicitly allows the same version of a NAR to be uploaded to a bucket.</p>
+</div>
+<div class="paragraph">
+<p>For more information on bundles, see the <a href="user-guide.html#manage_bundles">Manage Bundles</a> section.</p>
+</div>
+</div>
+<div class="sect2">
+<h3 id="bucket_policies"><a class="anchor" href="user-guide.html#bucket_policies"></a>Bucket Policies</h3>
+<div class="paragraph">
+<p>Bucket policies define user privileges on buckets/flows in the Registry and in NiFi. The available permissions are:</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p><strong>All</strong> - In the Registry, the assigned user is able to view and delete flows in the bucket. In NiFi, the selected user is able to import flows from the bucket and commit changes to flows in the bucket.</p>
+</li>
+<li>
+<p><strong>Read</strong> - In the Registry, the assigned user is able to view flows in the bucket. In NiFi, the selected user is able to import flows from the bucket.</p>
+</li>
+<li>
+<p><strong>Write</strong> - In NiFi, the assigned user is able to commit changes to flows in the bucket.</p>
+</li>
+<li>
+<p><strong>Delete</strong> - In the Registry, the assigned user is able to delete flows in the bucket.</p>
+</li>
+</ul>
+</div>
+<div class="admonitionblock note">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-note" title="Note"></i>
+</td>
+<td class="content">
+Users would typically have Read permissions at a minimum. A user with Write permission would not commit changes to a flow if they were not able to import it initially. A user with Delete permission would not delete a flow if they could not view it.
+</td>
+</tr>
+</table>
+</div>
+<div class="admonitionblock note">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-note" title="Note"></i>
+</td>
+<td class="content">
+If a user has a bucket policy and the group that the user is in also has a policy, all policies are used to determine access. For example, assume User1 is in Group1, User1 has READ privileges on Bucket1 and Group1 has READ privileges on Bucket2. In this scenario, User1 will have READ privileges on both Bucket1 and Bucket2.
+</td>
+</tr>
+</table>
+</div>
+<div class="sect3">
+<h4 id="create-a-bucket-policy"><a class="anchor" href="user-guide.html#create-a-bucket-policy"></a>Create a Bucket Policy</h4>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>Select the Manage button (<span class="image"><img src="images/iconManage.png" alt="Manage Icon"></span>) in the row of the bucket.</p>
+</li>
+<li>
+<p>Select the "New Policy" button.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/new_bucket_policy_create.png" alt="Create New Bucket Policy">
+</div>
+</div>
+</li>
+<li>
+<p>Select a user, check the desired permissions and select the "Apply" button:</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/new_bucket_policy_user_permission.png" alt="New Bucket Policy User and Permissions">
+</div>
+</div>
+</li>
+<li>
+<p>The policy is added to the bucket:</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/new_bucket_policy_added.png" alt="New Bucket Policy Added">
+</div>
+</div>
+</li>
+</ol>
+</div>
+</div>
+<div class="sect3">
+<h4 id="delete-a-bucket-policy"><a class="anchor" href="user-guide.html#delete-a-bucket-policy"></a>Delete a Bucket Policy</h4>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>Select the Manage button (<span class="image"><img src="images/iconManage.png" alt="Manage Icon"></span>) in the row of the bucket.</p>
+</li>
+<li>
+<p>Select the Delete button (<span class="image"><img src="images/iconDelete.png" alt="Delete Icon"></span>) in the row of the policy.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/delete_bucket_policy.png" alt="Delete Policy">
+</div>
+</div>
+</li>
+<li>
+<p>From the Delete Policy dialog, select "Delete".</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/delete_bucket_policy_dialog.png" alt="Delete Policy Dialog">
+</div>
+</div>
+</li>
+</ol>
+</div>
+</div>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="manage-users-groups"><a class="anchor" href="user-guide.html#manage-users-groups"></a>Manage Users & Groups</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>To manage users/groups, enter the Administration section of the Registry by clicking the Settings button (<span class="image"><img src="images/iconSettings.png" alt="Settings Icon"></span>) on the top right of the UI. Select Users from the top menu to open the Users window.</p>
+</div>
+<div class="sect2">
+<h3 id="sorting-filtering-usersgroups"><a class="anchor" href="user-guide.html#sorting-filtering-usersgroups"></a>Sorting & Filtering Users/Groups</h3>
+<div class="paragraph">
+<p>Users/groups can be sorted alphabetically by Name (ascending or descending) using the up/down arrows.</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/users_sort_by_name.png" alt="Users Sort By Name">
+</div>
+</div>
+<div class="paragraph">
+<p>The Users/groups listed can be filtered by:</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p>user name</p>
+</li>
+<li>
+<p>user ID</p>
+</li>
+<li>
+<p>group name</p>
+</li>
+<li>
+<p>group ID</p>
+</li>
+</ul>
+</div>
+<div class="paragraph">
+<p>Here is an example of filtering by user name:</p>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/users_filter_by_name.png" alt="Users Filter By Name">
+</div>
+</div>
+</div>
+<div class="sect2">
+<h3 id="add-a-user"><a class="anchor" href="user-guide.html#add-a-user"></a>Add a User</h3>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>Select the "Add User" button.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/add_user_button.png" alt="Add User">
+</div>
+</div>
+</li>
+<li>
+<p>Enter the desired username or appropriate Identity information. Select the "Add" button.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/add_user_dialog.png" alt="New User Dialog">
+</div>
+</div>
+</li>
+</ol>
+</div>
+<div class="admonitionblock note">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-note" title="Note"></i>
+</td>
+<td class="content">
+To quickly create multiple users, check "Keep this dialog open after adding user".
+</td>
+</tr>
+</table>
+</div>
+</div>
+<div class="sect2">
+<h3 id="delete-a-user"><a class="anchor" href="user-guide.html#delete-a-user"></a>Delete a User</h3>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>Select the Delete button (<span class="image"><img src="images/iconDelete.png" alt="Delete Icon"></span>) in the row of the user.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/delete_user_single.png" alt="Delete Single User">
+</div>
+</div>
+</li>
+<li>
+<p>From the Delete User dialog, select "Delete".</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/delete_user_dialog.png" alt="Delete User Dialog">
+</div>
+</div>
+</li>
+</ol>
+</div>
+</div>
+<div class="sect2">
+<h3 id="delete-multiple-users"><a class="anchor" href="user-guide.html#delete-multiple-users"></a>Delete Multiple Users</h3>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>Select the checkboxes in the rows of the desired users to delete.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/check_multiple_users.png" alt="Check Multiple Users">
+</div>
+</div>
+</li>
+<li>
+<p>Select the "Actions" drop-down and click the "Delete" option.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/delete_multiple_users.png" alt="Delete Multiple Users">
+</div>
+</div>
+</li>
+<li>
+<p>From the Delete Users dialog, select "Delete".</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/delete_users_groups_dialog.png" alt="Delete Users Dialog">
+</div>
+</div>
+</li>
+</ol>
+</div>
+</div>
+<div class="sect2">
+<h3 id="edit-a-user-name"><a class="anchor" href="user-guide.html#edit-a-user-name"></a>Edit a User Name</h3>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>Select the Manage button (<span class="image"><img src="images/iconManage.png" alt="Manage Icon"></span>) in the row of the user.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/manage_user.png" alt="Manage User">
+</div>
+</div>
+</li>
+<li>
+<p>Enter a new user name and select the "Save" button.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/user_nav_name_edit.png" alt="Edit User Name">
+</div>
+</div>
+</li>
+</ol>
+</div>
+<div class="admonitionblock warning">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-warning" title="Warning"></i>
+</td>
+<td class="content">
+Some users cannot have their names edited. For example, those defined by LDAP. These users will be specially highlighted in the list.
+</td>
+</tr>
+</table>
+</div>
+<div class="imageblock">
+<div class="content">
+<img src="images/users_non_configurable.png" alt="Non-configurable Users">
+</div>
+</div>
+</div>
+<div class="sect2">
+<h3 id="special-privileges"><a class="anchor" href="user-guide.html#special-privileges"></a>Special Privileges</h3>
+<div class="paragraph">
+<p>Special privileges are additional permissions that allow a user to manage or access certain aspects of the Registry. The special privileges are:</p>
+</div>
+<div class="ulist">
+<ul>
+<li>
+<p><strong>Can manage buckets</strong> - Allow a user to manage all buckets in the registry, as well as provide the user access to all buckets from a connected system (e.g., NiFi).</p>
+</li>
+<li>
+<p><strong>Can manage users</strong> - Allow a user to manage all registry users and groups.</p>
+</li>
+<li>
+<p><strong>Can manage policies</strong> - Allow a user to grant all registry users read, write, and delete permission to a bucket.</p>
+</li>
+<li>
+<p><strong>Can proxy user requests</strong> - Allow a connected system (e.g., NiFi) to process requests of authorized users of that system. For example, if dev and prod NiFi clusters are connected to the same NiFi Registry instance, privileges can be set to allow the dev NiFi cluster to only update versioned flows while limiting the prod NiFi to only download flows.</p>
+</li>
+</ul>
+</div>
+<div class="sect3">
+<h4 id="grant-special-privileges-to-a-user"><a class="anchor" href="user-guide.html#grant-special-privileges-to-a-user"></a>Grant Special Privileges to a User</h4>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>Select the Manage button (<span class="image"><img src="images/iconManage.png" alt="Manage Icon"></span>) in the row of the user.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/manage_user.png" alt="Manage User">
+</div>
+</div>
+</li>
+<li>
+<p>Check the desired privileges:</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/user_special_privileges.png" alt="User Special Privileges">
+</div>
+</div>
+</li>
+<li>
+<p>Changes made to special privileges are automatically saved.</p>
+</li>
+</ol>
+</div>
+</div>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="manage-groups"><a class="anchor" href="user-guide.html#manage-groups"></a>Manage Groups</h2>
+<div class="sectionbody">
+<div class="sect2">
+<h3 id="add-an-empty-group"><a class="anchor" href="user-guide.html#add-an-empty-group"></a>Add an Empty Group</h3>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>With no users checked, select the "Actions" drop-down and click the "Create new group" option.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/create_new_group.png" alt="Create New Group">
+</div>
+</div>
+</li>
+<li>
+<p>Enter a name for the Group and select the "Create" button.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/create_new_group_dialog.png" alt="Create New Group Dialog">
+</div>
+</div>
+</li>
+</ol>
+</div>
+<div class="admonitionblock note">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-note" title="Note"></i>
+</td>
+<td class="content">
+To quickly create multiple empty groups, check "Keep this dialog open after creating group".
+</td>
+</tr>
+</table>
+</div>
+</div>
+<div class="sect2">
+<h3 id="add-user-to-a-group"><a class="anchor" href="user-guide.html#add-user-to-a-group"></a>Add User to a Group</h3>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>Select the Manage button (<span class="image"><img src="images/iconManage.png" alt="Manage Icon"></span>) in the row of the user.</p>
+</li>
+<li>
+<p>Select the "Add To Group" button.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/user_nav_add_to_group.png" alt="Add User to Group">
+</div>
+</div>
+</li>
+<li>
+<p>In the "Add User to Groups" dialog, select the group(s) to add the user to. Select the "Add" button when all desired groups have been selected.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/add_user_to_groups_dialog.png" alt="Add User to Groups Dialog">
+</div>
+</div>
+</li>
+<li>
+<p>The user is added to the group:</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/group_added.png" alt="Group Added">
+</div>
+</div>
+</li>
+</ol>
+</div>
+<div class="admonitionblock note">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-note" title="Note"></i>
+</td>
+<td class="content">
+Groups cannot contain other groups.
+</td>
+</tr>
+</table>
+</div>
+</div>
+<div class="sect2">
+<h3 id="create-a-new-group-with-selected-users"><a class="anchor" href="user-guide.html#create-a-new-group-with-selected-users"></a>Create a New Group with Selected Users</h3>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>Select the checkboxes in the rows of the desired users. From the "Actions" drop-down, click the "Create new group" option.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/select_users_create_new_group.png" alt="Select Users for New Group">
+</div>
+</div>
+</li>
+<li>
+<p>Enter a name for the Group and select the "Create" button.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/select_users_create_new_group_dialog.png" alt="Create New Group Dialog">
+</div>
+</div>
+</li>
+<li>
+<p>The new group is created with the selected users as members:</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/select_users_new_group_added.png" alt="New Group Added with Selected Users">
+</div>
+</div>
+</li>
+</ol>
+</div>
+</div>
+<div class="sect2">
+<h3 id="remove-a-user-from-a-group"><a class="anchor" href="user-guide.html#remove-a-user-from-a-group"></a>Remove a User from a Group</h3>
+<div class="paragraph">
+<p>There are two ways to remove a user from a group.</p>
+</div>
+<div class="sect3">
+<h4 id="user-window"><a class="anchor" href="user-guide.html#user-window"></a>User Window</h4>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>Select the Manage button (<span class="image"><img src="images/iconManage.png" alt="Manage Icon"></span>) in the row of the user.</p>
+</li>
+<li>
+<p>In the Membership section of the window, select the Remove button (<span class="image"><img src="images/iconDelete.png" alt="Delete Icon"></span>) in the row of the group.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/remove_group_from_user.png" alt="Remove Group From User">
+</div>
+</div>
+</li>
+</ol>
+</div>
+</div>
+<div class="sect3">
+<h4 id="group-window"><a class="anchor" href="user-guide.html#group-window"></a>Group Window</h4>
+<div class="olist arabic">
+<ol class="arabic">
+<li>
+<p>Select the Manage button (<span class="image"><img src="images/iconManage.png" alt="Manage Icon"></span>) in the row of the group. The Members tab is selected by default.</p>
+</li>
+<li>
+<p>In the Membership section of the window, select the Remove button (<span class="image"><img src="images/iconDelete.png" alt="Delete Icon"></span>) in the row of the user.</p>
+<div class="imageblock">
+<div class="content">
+<img src="images/remove_user_from_group.png" alt="Remove User From Group">
+</div>
+</div>
+</li>
+</ol>
+</div>
+</div>
+</div>
+<div class="sect2">
+<h3 id="other-group-level-actions"><a class="anchor" href="user-guide.html#other-group-level-actions"></a>Other Group Level Actions</h3>
+<div class="paragraph">
+<p>Editing group names, deleting groups, adding policies to/deleting policies from groups and granting special privileges to groups follow similar procedures described earlier for corresponding user level actions.</p>
+</div>
+</div>
+</div>
+</div>
+<div class="sect1">
+<h2 id="manage_bundles"><a class="anchor" href="user-guide.html#manage_bundles"></a>Manage Bundles</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>Bundles can be managed through the REST API.</p>
+</div>
+<div class="sect2">
+<h3 id="upload-bundle"><a class="anchor" href="user-guide.html#upload-bundle"></a>Upload Bundle</h3>
+<div class="paragraph">
+<p>A bundle can be uploaded to a bucket by making a <code>POST</code> request to the following REST end-point:</p>
+</div>
+<div class="literalblock">
+<div class="content">
+<pre>/nifi-registry-api/buckets/<bucketId>/bundles/<bundleType></pre>
+</div>
+</div>
+<div class="paragraph">
+<p>Replace <code>bucketId</code> with the id of the bucket where the bundle is being uploaded to and <code>bundleType</code> with the type of bundle being uploaded. Currently, the only supported bundle type is a <a href="https://nifi.apache.org/docs/nifi-docs/html/developer-guide.html#nars">NiFi Archive (NAR)</a> which can be specified as <code>nifi-nar</code>.</p>
+</div>
+<div class="paragraph">
+<p>The <code>Content-Type</code> of the request is expected to be <code>multipart/form-data</code>. An example of using <code>curl</code> to upload <code>my-processors-1.0.0.nar</code> would be the following:</p>
+</div>
+<div class="literalblock">
+<div class="content">
+<pre>curl -v -F file=@/path/to/my-processors-1.0.0.nar http://localhost:18080/nifi-registry-api/buckets/de8e08c9-592d-4e10-affe-b3752698f1d9/bundles/nifi-nar</pre>
+</div>
+</div>
+<div class="admonitionblock note">
+<table>
+<tr>
+<td class="icon">
+<i class="fa icon-note" title="Note"></i>
+</td>
+<td class="content">
+In order to upload a NAR to NiFi Registry, it must contain the file <em>META-INF/docs/extension-manifest.xml</em> which is produced by the NAR Maven plugin, starting with version 1.3.0.
+</td>
+</tr>
+</table>
+</div>
+</div>
+<div class="sect2">
+<h3 id="download-bundle"><a class="anchor" href="user-guide.html#download-bundle"></a>Download Bundle</h3>
+<div class="paragraph">
+<p>There are two ways to download a bundle.</p>
+</div>
+<div class="sect3">
+<h4 id="bundle-coordinates"><a class="anchor" href="user-guide.html#bundle-coordinates"></a>Bundle Coordinates</h4>
+<div class="paragraph">
+<p>A bundle can be downloaded by using the combination of the bucket name and bundle coordinates, where bundle coordinates are the group, artifact, and version of the bundle.</p>
+</div>
+<div class="paragraph">
+<p>To download a bundle by its coordinates, a <code>GET</code> request can be made to the following end-point:</p>
+</div>
+<div class="literalblock">
+<div class="content">
+<pre>/nifi-registry-api/extension-repository/{bucketName}/{groupId}/{artifactId}/{version}/content</pre>
+</div>
+</div>
+<div class="paragraph">
+<p>The <code>Content-Type</code> of the response is <code>application/octet-stream</code>.</p>
+</div>
+<div class="paragraph">
+<p>An example of using <code>curl</code> to download <code>my-processors-1.0.0.nar</code> from the <code>Test</code> bucket would be the following:</p>
+</div>
+<div class="literalblock">
+<div class="content">
+<pre>curl http://localhost:18080/nifi-registry-api/extension-repository/Test/com.test/my-processors/1.0.0/content > my-processors-1.0.0.nar</pre>
+</div>
+</div>
+</div>
+<div class="sect3">
+<h4 id="bundle-id"><a class="anchor" href="user-guide.html#bundle-id"></a>Bundle Id</h4>
+<div class="paragraph">
+<p>A bundle can be downloaded by using the combination of its unique id and version. The unique id is an id assigned to the bundle when the first version of the bundle is uploaded to NiFi Registry. This id is returned in the response of a successful upload.</p>
+</div>
+<div class="paragraph">
+<p>To download a bundle by its id and version, a <code>GET</code> request can be made to the following end-point:</p>
+</div>
+<div class="literalblock">
+<div class="content">
+<pre>/nifi-registry-api/bundles/{bundleId}/versions/{version}/content</pre>
+</div>
+</div>
+<div class="paragraph">
+<p>The <code>Content-Type</code> of the response is <code>application/octet-stream</code>.</p>
+</div>
+<div class="paragraph">
+<p>An example of using <code>curl</code> to download <code>my-processors-1.0.0.nar</code> by id and version would be the following:</p>
+</div>
+<div class="literalblock">
+<div class="content">
+<pre>curl http://localhost:18080/nifi-registry-api/bundles/3db78035-e3ba-4cbf-820e-022f292bd68c/versions/1.0.0/content > my-processors-1.0.0.nar</pre>
+</div>
+</div>
+</div>
+</div>
+<div class="sect2">
+<h3 id="additional-actions"><a class="anchor" href="user-guide.html#additional-actions"></a>Additional Actions</h3>
+<div class="paragraph">
+<p>For additional actions that can be performed related to bundles, please consult the <a href="../rest-api/index.html">REST API documentation</a>.</p>
+</div>
+</div>
+</div>
+</div>
+</div>
+<div id="footer">
+<div id="footer-text">
+Last updated 2022-06-13 16:50:03 -0700
+</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/docs/nifi-registry-docs/images/bgBannerFoot.png b/docs/nifi-registry-docs/images/bgBannerFoot.png
new file mode 100644
index 0000000..16a17fe
Binary files /dev/null and b/docs/nifi-registry-docs/images/bgBannerFoot.png differ
diff --git a/docs/nifi-registry-docs/images/bgHeader.png b/docs/nifi-registry-docs/images/bgHeader.png
new file mode 100644
index 0000000..3cf88c5
Binary files /dev/null and b/docs/nifi-registry-docs/images/bgHeader.png differ
diff --git a/docs/nifi-registry-docs/images/registry-favicon.png b/docs/nifi-registry-docs/images/registry-favicon.png
new file mode 100644
index 0000000..87dc8c9
Binary files /dev/null and b/docs/nifi-registry-docs/images/registry-favicon.png differ
diff --git a/docs/nifi-registry-docs/index.html b/docs/nifi-registry-docs/index.html
new file mode 100644
index 0000000..c5d8e7a
--- /dev/null
+++ b/docs/nifi-registry-docs/index.html
@@ -0,0 +1,69 @@
+
+
+
+<!DOCTYPE html>
+<html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <meta name="viewport" content="width=device-width, initial-scale=1.0">
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <link rel="shortcut icon" href="images/registry-favicon.png"/>
+ <title>NiFi Registry Documentation</title>
+ <script type="text/javascript" src="js/jquery.min.js"></script>
+ <script type="text/javascript" src="js/application.js"></script>
+ <link href="css/main.css" rel="stylesheet" type="text/css" />
+ <link href="css/component-usage.css" rel="stylesheet" type="text/css" />
+ </head>
+ <body id="documentation-body">
+ <div id="banner-header" class="main-banner-header"></div>
+ <span id="initial-selection-type" style="display: none;">
+
+ </span>
+ <span id="initial-selection-bundle-group" style="display: none;">
+
+ </span>
+ <span id="initial-selection-bundle-artifact" style="display: none;">
+
+ </span>
+ <span id="initial-selection-bundle-version" style="display: none;">
+
+ </span>
+ <div id="documentation-header" class="documentation-header">
+ <div id="component-list-toggle-link">-</div>
+ <div id="header-contents">
+ <div id="nf-title">NiFi Registry Documentation</div>
+ <div id="nf-version" class="version"></div>
+ <div id="selected-component"></div>
+ </div>
+ </div>
+ <div id="component-root-container">
+ <div id="component-listing-container">
+ <div id="component-listing" class="component-listing">
+ <div class="section">
+ <div class="header">General</div>
+ <div id="general-links" class="component-links">
+ <ul>
+ <li class="component-item"><a class="document-link getting-started" href="html/getting-started.html" target="component-usage">Getting Started</a></li>
+ <li class="component-item"><a class="document-link user-guide" href="html/user-guide.html" target="component-usage">User Guide</a></li>
+ <li class="component-item"><a class="document-link admin-guide" href="html/administration-guide.html" target="component-usage">Admin Guide</a></li>
+ </ul>
+ <span class="no-matching no-components hidden">No matching guides</span>
+ </div>
+ </div>
+ <div class="section">
+ <div class="header">Developer</div>
+ <div id="developer-links" class="component-links">
+ <ul>
+ <li class="component-item"><a class="document-link rest-api" href="rest-api/index.html" target="component-usage">REST API</a></li>
+ </ul>
+ <span class="no-matching no-components hidden">No matching developer guides</span>
+ </div>
+ </div>
+ </div>
+ </div>
+ <div id="component-usage-container">
+ <iframe id="component-usage" name="component-usage" frameborder="0" class="component-usage"></iframe>
+ </div>
+ </div>
+ <div id="banner-footer" class="main-banner-footer"></div>
+ </body>
+</html>
diff --git a/docs/nifi-registry-docs/js/application.js b/docs/nifi-registry-docs/js/application.js
new file mode 100644
index 0000000..e0b4558
--- /dev/null
+++ b/docs/nifi-registry-docs/js/application.js
@@ -0,0 +1,400 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/* global top */
+
+$(document).ready(function () {
+
+ var isUndefined = function (obj) {
+ return typeof obj === 'undefined';
+ };
+
+ var isNull = function (obj) {
+ return obj === null;
+ };
+
+ var isDefinedAndNotNull = function (obj) {
+ return !isUndefined(obj) && !isNull(obj);
+ };
+
+ /**
+ * Get the filter text.
+ *
+ * @returns {unresolved}
+ */
+ var getFilterText = function () {
+ var filter = '';
+ var ruleFilter = $('#component-filter');
+ if (!ruleFilter.hasClass('component-filter-list')) {
+ filter = ruleFilter.val();
+ }
+ return filter;
+ };
+
+ var applyComponentFilter = function (componentContainer) {
+ var matchingComponents = 0;
+ var componentLinks = $(componentContainer).find('a.component-link, a.document-link');
+
+ if (componentLinks.length === 0) {
+ return matchingComponents;
+ }
+
+ // get the filter text
+ var filter = getFilterText();
+ if (filter !== '') {
+ var filterExp = new RegExp(filter, 'i');
+
+ // update the displayed rule count
+ $.each(componentLinks, function (_, componentLink) {
+ var a = $(componentLink);
+ var li = a.closest('li.component-item');
+
+ // get the rule text for matching
+ var componentName = a.text();
+
+ // see if any of the text from this rule matches
+ var componentMatches = componentName.search(filterExp) >= 0;
+
+ // handle whether the rule matches
+ if (componentMatches === true) {
+ li.show();
+ matchingComponents++;
+ } else {
+ // hide the rule
+ li.hide();
+ }
+ });
+ } else {
+ // ensure every rule is visible
+ componentLinks.closest('li.component-item').show();
+
+ // set the number of displayed rules
+ matchingComponents = componentLinks.length;
+ }
+
+ // show whether there are status if appropriate
+ var noMatching = componentContainer.find('span.no-matching');
+ if (matchingComponents === 0) {
+ noMatching.show();
+ } else {
+ noMatching.hide();
+ }
+
+ return matchingComponents;
+ };
+
+ var applyFilter = function () {
+ var matchingGeneral = applyComponentFilter($('#general-links'));
+ var matchingProcessors = applyComponentFilter($('#processor-links'));
+ var matchingControllerServices = applyComponentFilter($('#controller-service-links'));
+ var matchingReportingTasks = applyComponentFilter($('#reporting-task-links'));
+ var matchingDeveloper = applyComponentFilter($('#developer-links'));
+
+ // update the rule count
+ $('#displayed-components').text(matchingGeneral + matchingProcessors + matchingControllerServices + matchingReportingTasks + matchingDeveloper);
+ };
+
+ var selectComponent = function (selectedExtension, selectedBundleGroup, selectedBundleArtifact, selectedArtifactVersion) {
+ var componentLinks = $('a.component-link');
+
+ // consider each link
+ $.each(componentLinks, function () {
+ var componentLink = $(this);
+ var item = componentLink.closest('li.component-item');
+ var extension = item.find('span.extension-class').text();
+ var group = item.find('span.bundle-group').text();
+ var artifact = item.find('span.bundle-artifact').text();
+ var version = item.find('span.bundle-version').text();
+
+ if (extension === selectedExtension && group === selectedBundleGroup
+ && artifact === selectedBundleArtifact && version === selectedArtifactVersion) {
+
+ // remove all selected styles
+ $('li.component-item').removeClass('selected');
+
+ // select this links item
+ item.addClass('selected');
+
+ // set the header
+ $('#selected-component').text(componentLink.text());
+
+ // stop iteration
+ return false;
+ }
+ });
+ };
+
+ var selectDocument = function (documentName) {
+ var documentLinks = $('a.document-link');
+
+ // consider each link
+ $.each(documentLinks, function () {
+ var documentLink = $(this);
+ if (documentName === $.trim(documentLink.text())) {
+ // remove all selected styles
+ $('li.component-item').removeClass('selected');
+
+ // select this links item
+ documentLink.closest('li.component-item').addClass('selected');
+
+ // set the header
+ $('#selected-component').text(documentLink.text());
+
+ // stop iteration
+ return false;
+ }
+ });
+ };
+
+ // get the banners if we're not in the shell
+ var bannerHeaderHeight = 0;
+ var bannerFooterHeight = 0;
+ var banners = $.Deferred(function (deferred) {
+ if (top === window) {
+ $.ajax({
+ type: 'GET',
+ url: '../nifi-api/flow/banners',
+ dataType: 'json'
+ }).then(function (response) {
+ // ensure the banners response is specified
+ if (isDefinedAndNotNull(response.banners)) {
+ if (isDefinedAndNotNull(response.banners.headerText) && response.banners.headerText !== '') {
+ // update the header text
+ var bannerHeader = $('#banner-header').text(response.banners.headerText).show();
+ bannerHeaderHeight = bannerHeader.height();
+ }
+
+ if (isDefinedAndNotNull(response.banners.footerText) && response.banners.footerText !== '') {
+ // update the footer text and show it
+ var bannerFooter = $('#banner-footer').text(response.banners.footerText).show();
+ bannerFooterHeight = bannerFooter.height();
+ }
+ }
+
+ deferred.resolve();
+ }, function () {
+ deferred.reject();
+ });
+ } else {
+ deferred.resolve();
+ }
+ }).promise();
+
+ // get the about details
+ var about = $.ajax({
+ type: 'GET',
+ url: '../nifi-api/flow/about',
+ dataType: 'json'
+ }).done(function (response) {
+ var aboutDetails = response.about;
+
+ // set the document title and the about title
+ $('#nf-version').text(aboutDetails.version);
+ });
+
+ // once the banners have loaded, function with remainder of the page
+ $.when(banners, about).always(function () {
+ // define the function for filtering the list
+ $('#component-filter').keyup(function () {
+ applyFilter();
+ }).focus(function () {
+ if ($(this).hasClass('component-filter-list')) {
+ $(this).removeClass('component-filter-list').val('');
+ }
+ }).blur(function () {
+ if ($(this).val() === '') {
+ $(this).addClass('component-filter-list').val('Filter');
+ }
+ }).addClass('component-filter-list').val('Filter');
+
+ // get the component containers to install the window listener
+ var documentationHeader = $('#documentation-header');
+ var componentRootContainer = $('#component-root-container');
+ var componentListingContainer = $('#component-listing-container', componentRootContainer);
+ var componentListing = $('#component-listing', componentListingContainer);
+ var componentFilterControls = $('#component-filter-controls', componentRootContainer);
+ var componentUsageContainer = $('#component-usage-container', componentUsageContainer);
+ var componentUsage = $('#component-usage', componentUsageContainer);
+
+ var componentListingContainerPaddingX = 0;
+ componentListingContainerPaddingX += parseInt(componentListingContainer.css("padding-right"), 10);
+ componentListingContainerPaddingX += parseInt(componentListingContainer.css("padding-left"), 10);
+
+ var componentListingContainerPaddingY = 0;
+ componentListingContainerPaddingY += parseInt(componentListingContainer.css("padding-top"), 10);
+ componentListingContainerPaddingY += parseInt(componentListingContainer.css("padding-bottom"), 10);
+
+ var componentUsageContainerPaddingX = 0;
+ componentUsageContainerPaddingX += parseInt(componentUsageContainer.css("padding-right"), 10);
+ componentUsageContainerPaddingX += parseInt(componentUsageContainer.css("padding-left"), 10);
+
+ var componentUsageContainerPaddingY = 0;
+ componentUsageContainerPaddingY += parseInt(componentUsageContainer.css("padding-top"), 10);
+ componentUsageContainerPaddingY += parseInt(componentUsageContainer.css("padding-bottom"), 10);
+
+ var componentListingContainerMinWidth = parseInt(componentListingContainer.css("min-width"), 10) + componentListingContainerPaddingX;
+ var componentUsageContainerMinWidth = parseInt(componentUsageContainer.css("min-width"), 10) + componentUsageContainerPaddingX;
+ var smallDisplayBoundary = componentListingContainerMinWidth + componentUsageContainerMinWidth;
+
+ var cssComponentListingNormal = { backgroundColor: "#ffffff" };
+ var cssComponentListingSmall = { backgroundColor: "#fbfbfb" };
+
+ // add a window resize listener
+ $(window).resize(function () {
+ // This -1 is the border-top of #component-usage-container
+ var baseHeight = window.innerHeight - 1;
+ baseHeight -= bannerHeaderHeight;
+ baseHeight -= bannerFooterHeight;
+ baseHeight -= documentationHeader.height();
+
+ // resize component list accordingly
+ if (smallDisplayBoundary > window.innerWidth) {
+ // screen is not wide enough to display content usage
+ // within the same row.
+ componentListingContainer.css(cssComponentListingSmall);
+ componentListingContainer.css({
+ borderBottom: "1px solid #ddddd8"
+ });
+ componentListing.css({
+ height: "200px"
+ });
+ // resize the iframe accordingly
+ var componentUsageHeight = baseHeight;
+ if (componentListingContainer.is(":visible")) {
+ componentUsageHeight -= componentListingContainer.height();
+ componentUsageHeight -= 1; // border-bottom
+ }
+ componentUsageHeight -= componentListingContainerPaddingY;
+ componentUsageHeight -= componentUsageContainerPaddingY;
+ componentUsage.css({
+ width: componentUsageContainer.width(),
+ height: componentUsageHeight
+ });
+ componentUsageContainer.css({
+ height: componentUsage.height()
+ });
+ } else {
+ componentListingContainer.css(cssComponentListingNormal);
+
+ var componentListingHeight = baseHeight;
+ componentListingHeight -= componentFilterControls.height();
+ componentListingHeight -= componentListingContainerPaddingY;
+ componentListing.css({
+ height: componentListingHeight
+ });
+
+ // resize the iframe accordingly
+ componentUsage.css({
+ width: componentUsageContainer.width(),
+ height: baseHeight - componentUsageContainerPaddingY
+ });
+ componentUsageContainer.css({
+ height: componentUsage.height()
+ });
+ componentListingContainer.css({
+ borderBottom: "0px"
+ });
+ }
+ });
+
+
+ var toggleComponentListing = $('#component-list-toggle-link');
+ toggleComponentListing.click(function(){
+ componentListingContainer.toggle(0, function(){
+ toggleComponentListing.text($(this).is(":visible") ? "-" : "+");
+ $(window).resize();
+ });
+ });
+
+ // listen for loading of the iframe to update the title
+ $('#component-usage').on('load', function () {
+
+ // resize window accordingly.
+ $(window).resize();
+
+ var bundleAndComponent = '';
+ var href = $(this).contents().get(0).location.href;
+
+ // see if the href ends in index.htm[l]
+ var indexOfIndexHtml = href.indexOf('index.htm');
+ if (indexOfIndexHtml >= 0) {
+ href = href.substring(0, indexOfIndexHtml);
+ }
+
+ // remove the trailing separator
+ if (href.length > 0) {
+ var indexOfSeparator = href.lastIndexOf('/');
+ if (indexOfSeparator === href.length - 1) {
+ href = href.substring(0, indexOfSeparator);
+ }
+ }
+
+ // remove the beginning bits
+ if (href.length > 0) {
+ var path = 'nifi-docs/components';
+ var indexOfPath = href.indexOf(path);
+ if (indexOfPath >= 0) {
+ var indexOfBundle = indexOfPath + path.length + 1;
+ if (indexOfBundle < href.length) {
+ bundleAndComponent = href.substr(indexOfBundle);
+ }
+ }
+ }
+
+ // if we could extract the bundle coordinates
+ if (bundleAndComponent !== '') {
+ var bundleTokens = bundleAndComponent.split('/');
+ if (bundleTokens.length === 4) {
+ selectComponent(bundleTokens[3], bundleTokens[0], bundleTokens[1], bundleTokens[2]);
+ }
+ }
+ });
+
+ // listen for on the rest api and user guide and developer guide and admin guide and overview
+ $('a.document-link').on('click', function() {
+ selectDocument($(this).text());
+ });
+
+ // get the initial selection
+ var initialLink = $('a.document-link:first');
+ var initialSelectionType = $.trim($('#initial-selection-type').text());
+
+ if (initialSelectionType !== '') {
+ var initialSelectionBundleGroup = $.trim($('#initial-selection-bundle-group').text());
+ var initialSelectionBundleArtifact = $.trim($('#initial-selection-bundle-artifact').text());
+ var initialSelectionBundleVersion = $.trim($('#initial-selection-bundle-version').text());
+
+ $('a.component-link').each(function () {
+ var componentLink = $(this);
+ var item = componentLink.closest('li.component-item');
+ var extension = item.find('span.extension-class').text();
+ var group = item.find('span.bundle-group').text();
+ var artifact = item.find('span.bundle-artifact').text();
+ var version = item.find('span.bundle-version').text();
+
+ if (extension === initialSelectionType && group === initialSelectionBundleGroup
+ && artifact === initialSelectionBundleArtifact && version === initialSelectionBundleVersion) {
+ initialLink = componentLink;
+ return false;
+ }
+ });
+ }
+
+ // click the first link
+ initialLink[0].click();
+ });
+});
diff --git a/docs/nifi-registry-docs/js/jquery.min.js b/docs/nifi-registry-docs/js/jquery.min.js
new file mode 100644
index 0000000..4c5be4c
--- /dev/null
+++ b/docs/nifi-registry-docs/js/jquery.min.js
@@ -0,0 +1,4 @@
+/*! jQuery v3.1.1 | (c) jQuery Foundation | jquery.org/license */
+!function(a,b){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){"use strict";var c=[],d=a.document,e=Object.getPrototypeOf,f=c.slice,g=c.concat,h=c.push,i=c.indexOf,j={},k=j.toString,l=j.hasOwnProperty,m=l.toString,n=m.call(Object),o={};function p(a,b){b=b||d;var c=b.createElem [...]
+a.removeEventListener("load",R),r.ready()}"complete"===d.readyState||"loading"!==d.readyState&&!d.documentElement.doScroll?a.setTimeout(r.ready):(d.addEventListener("DOMContentLoaded",R),a.addEventListener("load",R));var S=function(a,b,c,d,e,f,g){var h=0,i=a.length,j=null==c;if("object"===r.type(c)){e=!0;for(h in c)S(a,b,h,c[h],!0,f,g)}else if(void 0!==d&&(e=!0,r.isFunction(d)||(g=!0),j&&(g?(b.call(a,d),b=null):(j=b,b=function(a,b,c){return j.call(r(a),c)})),b))for(;h<i;h++)b(a[h],c,g?d: [...]
+void 0!==c?null===c?void r.removeAttr(a,b):e&&"set"in e&&void 0!==(d=e.set(a,c,b))?d:(a.setAttribute(b,c+""),c):e&&"get"in e&&null!==(d=e.get(a,b))?d:(d=r.find.attr(a,b),null==d?void 0:d))},attrHooks:{type:{set:function(a,b){if(!o.radioValue&&"radio"===b&&r.nodeName(a,"input")){var c=a.value;return a.setAttribute("type",b),c&&(a.value=c),b}}}},removeAttr:function(a,b){var c,d=0,e=b&&b.match(K);if(e&&1===a.nodeType)while(c=e[d++])a.removeAttribute(c)}}),ib={set:function(a,b,c){return b=== [...]
diff --git a/docs/nifi-registry-docs/rest-api/index.html b/docs/nifi-registry-docs/rest-api/index.html
new file mode 100644
index 0000000..a2aac5f
--- /dev/null
+++ b/docs/nifi-registry-docs/rest-api/index.html
@@ -0,0 +1,13107 @@
+<!doctype html>
+<html>
+ <head>
+ <title>Apache NiFi Registry REST API</title>
+ <style type="text/css">
+ @font-face {
+ font-family: 'Open Sans';
+ font-style: normal;
+ font-weight: 300;
+ font-stretch: normal;
+ src: url(https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2) format('woff2');
+ unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
+ }
+
+ body {
+ font-family: "Open Sans","DejaVu Sans",sans-serif;
+ margin: 0 auto;
+ width: 100%;
+ max-width: 62.5em;
+ }
+
+ h1 {
+ font-size: 2.75em;
+ color: rgba(0,0,0,0.85);
+ font-weight: 300;
+ font-style: normal;
+ line-height: 1.2;
+ word-spacing: -.05em;
+ }
+
+ h2 {
+ font-size: 2em;
+ }
+
+ h3 {
+ font-size: 1.5em;
+ }
+
+ h4 {
+ font-size: 1.25em;
+ }
+
+ h2, h3, h4, h5, h6 {
+ font-weight: 300;
+ font-style: normal;
+ color: #7a2518;
+ line-height: 1.2;
+ word-spacing: -.05em;
+ }
+
+ a {
+ color: #2156a5;
+ text-decoration: none;
+ }
+
+ h1 > a {
+ color: #7a2518;
+ }
+
+ h2 > a {
+ color: #7a2518;
+ }
+
+ h3 > a {
+ color: #7a2518;
+ }
+
+ h4 > a {
+ color: #7a2518;
+ }
+
+ h5 > a {
+ color: #7a2518;
+ }
+
+ h6 > a {
+ color: #7a2518;
+ }
+
+ pre {
+ background: #f7f7f8;
+ line-height: 1.45;
+ padding: 1em;
+ border-radius: 4px;
+ }
+
+ .app-desc {
+ margin-bottom: 10px;
+ }
+
+ .license-info {
+ margin-bottom: 10px;
+ }
+
+ .license-url {
+ margin-bottom: 10px;
+ }
+
+ .http-method {
+ text-transform: uppercase;
+ }
+
+ code {
+ white-space: pre;
+ }
+
+ code.huge {
+ font-size: 1.5em;
+ }
+
+ .up {
+ display: none;
+ }
+
+ .field-items {
+ margin-left: 10px;
+ }
+
+ .param-desc {
+ margin-bottom: 10px;
+ }
+
+ .param-type {
+ font-style: italic;
+ }
+
+ .param-header {
+ font-weight: bold;
+ }
+ </style>
+ </head>
+ <body>
+ <h1>Apache NiFi Registry REST API</h1>
+ <div class="app-desc">The REST API provides an interface to a registry with operations for saving, versioning, reading NiFi flows and components.</div>
+ <div class="app-desc">More information: <a href="https://nifi.apache.org">https://nifi.apache.org</a></div>
+ <div class="app-desc">Contact Info: <a href="http://localhost:18080/nifi-registry-docs/rest-api/dev@nifi.apache.org">dev@nifi.apache.org</a></div>
+ <div class="app-desc">Version: 1.16.3</div>
+
+ <div class="license-info">Apache 2.0 License</div>
+ <div class="license-url">https://www.apache.org/licenses/LICENSE-2.0.html</div>
+ <h2>Access</h2>
+ <ol>
+ <li>APIKey KeyParamName:Authorization KeyInQuery:false KeyInHeader:true</li>
+ <li>HTTP Basic Authentication</li>
+ </ol>
+
+ <h2><a name="__Methods">Methods</a></h2>
+ [ Jump to <a href="index.html#__Models">Models</a> ]
+
+ <h3>Table of Contents </h3>
+ <div class="method-summary"></div>
+ <h4><a href="index.html#About">About</a></h4>
+ <ul>
+ <li><a href="index.html#getVersion"><code><span class="http-method">get</span> /about</code></a></li>
+ </ul>
+ <h4><a href="index.html#Access">Access</a></h4>
+ <ul>
+ <li><a href="index.html#createAccessTokenByTryingAllProviders"><code><span class="http-method">post</span> /access/token</code></a></li>
+ <li><a href="index.html#createAccessTokenUsingBasicAuthCredentials"><code><span class="http-method">post</span> /access/token/login</code></a></li>
+ <li><a href="index.html#createAccessTokenUsingIdentityProviderCredentials"><code><span class="http-method">post</span> /access/token/identity-provider</code></a></li>
+ <li><a href="index.html#createAccessTokenUsingKerberosTicket"><code><span class="http-method">post</span> /access/token/kerberos</code></a></li>
+ <li><a href="index.html#getAccessStatus"><code><span class="http-method">get</span> /access</code></a></li>
+ <li><a href="index.html#getIdentityProviderUsageInstructions"><code><span class="http-method">get</span> /access/token/identity-provider/usage</code></a></li>
+ <li><a href="index.html#logOut"><code><span class="http-method">delete</span> /access/logout</code></a></li>
+ <li><a href="index.html#oidcCallback"><code><span class="http-method">get</span> /access/oidc/callback</code></a></li>
+ <li><a href="index.html#oidcExchange"><code><span class="http-method">post</span> /access/oidc/exchange</code></a></li>
+ <li><a href="index.html#oidcLogout"><code><span class="http-method">delete</span> /access/oidc/logout</code></a></li>
+ <li><a href="index.html#oidcRequest"><code><span class="http-method">get</span> /access/oidc/request</code></a></li>
+ <li><a href="index.html#testIdentityProviderRecognizesCredentialsFormat"><code><span class="http-method">post</span> /access/token/identity-provider/test</code></a></li>
+ </ul>
+ <h4><a href="index.html#BucketBundles">BucketBundles</a></h4>
+ <ul>
+ <li><a href="index.html#createExtensionBundleVersion"><code><span class="http-method">post</span> /buckets/{bucketId}/bundles/{bundleType}</code></a></li>
+ <li><a href="index.html#getExtensionBundles"><code><span class="http-method">get</span> /buckets/{bucketId}/bundles</code></a></li>
+ </ul>
+ <h4><a href="index.html#BucketFlows">BucketFlows</a></h4>
+ <ul>
+ <li><a href="index.html#createFlow"><code><span class="http-method">post</span> /buckets/{bucketId}/flows</code></a></li>
+ <li><a href="index.html#createFlowVersion"><code><span class="http-method">post</span> /buckets/{bucketId}/flows/{flowId}/versions</code></a></li>
+ <li><a href="index.html#deleteFlow"><code><span class="http-method">delete</span> /buckets/{bucketId}/flows/{flowId}</code></a></li>
+ <li><a href="index.html#exportVersionedFlow"><code><span class="http-method">get</span> /buckets/{bucketId}/flows/{flowId}/versions/{versionNumber}/export</code></a></li>
+ <li><a href="index.html#getFlow"><code><span class="http-method">get</span> /buckets/{bucketId}/flows/{flowId}</code></a></li>
+ <li><a href="index.html#getFlowDiff"><code><span class="http-method">get</span> /buckets/{bucketId}/flows/{flowId}/diff/{versionA}/{versionB}</code></a></li>
+ <li><a href="index.html#getFlowVersion"><code><span class="http-method">get</span> /buckets/{bucketId}/flows/{flowId}/versions/{versionNumber}</code></a></li>
+ <li><a href="index.html#getFlowVersions"><code><span class="http-method">get</span> /buckets/{bucketId}/flows/{flowId}/versions</code></a></li>
+ <li><a href="index.html#getFlows"><code><span class="http-method">get</span> /buckets/{bucketId}/flows</code></a></li>
+ <li><a href="index.html#getLatestFlowVersion"><code><span class="http-method">get</span> /buckets/{bucketId}/flows/{flowId}/versions/latest</code></a></li>
+ <li><a href="index.html#getLatestFlowVersionMetadata"><code><span class="http-method">get</span> /buckets/{bucketId}/flows/{flowId}/versions/latest/metadata</code></a></li>
+ <li><a href="index.html#importVersionedFlow"><code><span class="http-method">post</span> /buckets/{bucketId}/flows/{flowId}/versions/import</code></a></li>
+ <li><a href="index.html#updateFlow"><code><span class="http-method">put</span> /buckets/{bucketId}/flows/{flowId}</code></a></li>
+ </ul>
+ <h4><a href="index.html#Buckets">Buckets</a></h4>
+ <ul>
+ <li><a href="index.html#createBucket"><code><span class="http-method">post</span> /buckets</code></a></li>
+ <li><a href="index.html#deleteBucket"><code><span class="http-method">delete</span> /buckets/{bucketId}</code></a></li>
+ <li><a href="index.html#getAvailableBucketFields"><code><span class="http-method">get</span> /buckets/fields</code></a></li>
+ <li><a href="index.html#getBucket"><code><span class="http-method">get</span> /buckets/{bucketId}</code></a></li>
+ <li><a href="index.html#getBuckets"><code><span class="http-method">get</span> /buckets</code></a></li>
+ <li><a href="index.html#updateBucket"><code><span class="http-method">put</span> /buckets/{bucketId}</code></a></li>
+ </ul>
+ <h4><a href="index.html#Bundles">Bundles</a></h4>
+ <ul>
+ <li><a href="index.html#getBundleVersionExtensionAdditionalDetailsDocs"><code><span class="http-method">get</span> /bundles/{bundleId}/versions/{version}/extensions/{name}/docs/additional-details</code></a></li>
+ <li><a href="index.html#getBundleVersionExtensionDocs"><code><span class="http-method">get</span> /bundles/{bundleId}/versions/{version}/extensions/{name}/docs</code></a></li>
+ <li><a href="index.html#getBundleVersions"><code><span class="http-method">get</span> /bundles/versions</code></a></li>
+ <li><a href="index.html#getBundles"><code><span class="http-method">get</span> /bundles</code></a></li>
+ <li><a href="index.html#globalDeleteBundleVersion"><code><span class="http-method">delete</span> /bundles/{bundleId}/versions/{version}</code></a></li>
+ <li><a href="index.html#globalDeleteExtensionBundle"><code><span class="http-method">delete</span> /bundles/{bundleId}</code></a></li>
+ <li><a href="index.html#globalGetBundleVersion"><code><span class="http-method">get</span> /bundles/{bundleId}/versions/{version}</code></a></li>
+ <li><a href="index.html#globalGetBundleVersionContent"><code><span class="http-method">get</span> /bundles/{bundleId}/versions/{version}/content</code></a></li>
+ <li><a href="index.html#globalGetBundleVersionExtension"><code><span class="http-method">get</span> /bundles/{bundleId}/versions/{version}/extensions/{name}</code></a></li>
+ <li><a href="index.html#globalGetBundleVersionExtensions"><code><span class="http-method">get</span> /bundles/{bundleId}/versions/{version}/extensions</code></a></li>
+ <li><a href="index.html#globalGetBundleVersions"><code><span class="http-method">get</span> /bundles/{bundleId}/versions</code></a></li>
+ <li><a href="index.html#globalGetExtensionBundle"><code><span class="http-method">get</span> /bundles/{bundleId}</code></a></li>
+ </ul>
+ <h4><a href="index.html#Config">Config</a></h4>
+ <ul>
+ <li><a href="index.html#getConfiguration"><code><span class="http-method">get</span> /config</code></a></li>
+ </ul>
+ <h4><a href="index.html#ExtensionRepository">ExtensionRepository</a></h4>
+ <ul>
+ <li><a href="index.html#getExtensionRepoArtifacts"><code><span class="http-method">get</span> /extension-repository/{bucketName}/{groupId}</code></a></li>
+ <li><a href="index.html#getExtensionRepoBuckets"><code><span class="http-method">get</span> /extension-repository</code></a></li>
+ <li><a href="index.html#getExtensionRepoGroups"><code><span class="http-method">get</span> /extension-repository/{bucketName}</code></a></li>
+ <li><a href="index.html#getExtensionRepoVersion"><code><span class="http-method">get</span> /extension-repository/{bucketName}/{groupId}/{artifactId}/{version}</code></a></li>
+ <li><a href="index.html#getExtensionRepoVersionContent"><code><span class="http-method">get</span> /extension-repository/{bucketName}/{groupId}/{artifactId}/{version}/content</code></a></li>
+ <li><a href="index.html#getExtensionRepoVersionExtension"><code><span class="http-method">get</span> /extension-repository/{bucketName}/{groupId}/{artifactId}/{version}/extensions/{name}</code></a></li>
+ <li><a href="index.html#getExtensionRepoVersionExtensionAdditionalDetailsDocs"><code><span class="http-method">get</span> /extension-repository/{bucketName}/{groupId}/{artifactId}/{version}/extensions/{name}/docs/additional-details</code></a></li>
+ <li><a href="index.html#getExtensionRepoVersionExtensionDocs"><code><span class="http-method">get</span> /extension-repository/{bucketName}/{groupId}/{artifactId}/{version}/extensions/{name}/docs</code></a></li>
+ <li><a href="index.html#getExtensionRepoVersionExtensions"><code><span class="http-method">get</span> /extension-repository/{bucketName}/{groupId}/{artifactId}/{version}/extensions</code></a></li>
+ <li><a href="index.html#getExtensionRepoVersionSha256"><code><span class="http-method">get</span> /extension-repository/{bucketName}/{groupId}/{artifactId}/{version}/sha256</code></a></li>
+ <li><a href="index.html#getExtensionRepoVersions"><code><span class="http-method">get</span> /extension-repository/{bucketName}/{groupId}/{artifactId}</code></a></li>
+ <li><a href="index.html#getGlobalExtensionRepoVersionSha256"><code><span class="http-method">get</span> /extension-repository/{groupId}/{artifactId}/{version}/sha256</code></a></li>
+ </ul>
+ <h4><a href="index.html#Extensions">Extensions</a></h4>
+ <ul>
+ <li><a href="index.html#getExtensions"><code><span class="http-method">get</span> /extensions</code></a></li>
+ <li><a href="index.html#getExtensionsProvidingServiceAPI"><code><span class="http-method">get</span> /extensions/provided-service-api</code></a></li>
+ <li><a href="index.html#getTags"><code><span class="http-method">get</span> /extensions/tags</code></a></li>
+ </ul>
+ <h4><a href="index.html#Flows">Flows</a></h4>
+ <ul>
+ <li><a href="index.html#getAvailableFlowFields"><code><span class="http-method">get</span> /flows/fields</code></a></li>
+ <li><a href="index.html#globalGetFlow"><code><span class="http-method">get</span> /flows/{flowId}</code></a></li>
+ <li><a href="index.html#globalGetFlowVersion"><code><span class="http-method">get</span> /flows/{flowId}/versions/{versionNumber}</code></a></li>
+ <li><a href="index.html#globalGetFlowVersions"><code><span class="http-method">get</span> /flows/{flowId}/versions</code></a></li>
+ <li><a href="index.html#globalGetLatestFlowVersion"><code><span class="http-method">get</span> /flows/{flowId}/versions/latest</code></a></li>
+ <li><a href="index.html#globalGetLatestFlowVersionMetadata"><code><span class="http-method">get</span> /flows/{flowId}/versions/latest/metadata</code></a></li>
+ </ul>
+ <h4><a href="index.html#Items">Items</a></h4>
+ <ul>
+ <li><a href="index.html#getAvailableBucketItemFields"><code><span class="http-method">get</span> /items/fields</code></a></li>
+ <li><a href="index.html#getItems"><code><span class="http-method">get</span> /items</code></a></li>
+ <li><a href="index.html#getItemsInBucket"><code><span class="http-method">get</span> /items/{bucketId}</code></a></li>
+ </ul>
+ <h4><a href="index.html#Policies">Policies</a></h4>
+ <ul>
+ <li><a href="index.html#createAccessPolicy"><code><span class="http-method">post</span> /policies</code></a></li>
+ <li><a href="index.html#getAccessPolicies"><code><span class="http-method">get</span> /policies</code></a></li>
+ <li><a href="index.html#getAccessPolicy"><code><span class="http-method">get</span> /policies/{id}</code></a></li>
+ <li><a href="index.html#getAccessPolicyForResource"><code><span class="http-method">get</span> /policies/{action}/{resource}</code></a></li>
+ <li><a href="index.html#getResources"><code><span class="http-method">get</span> /policies/resources</code></a></li>
+ <li><a href="index.html#removeAccessPolicy"><code><span class="http-method">delete</span> /policies/{id}</code></a></li>
+ <li><a href="index.html#updateAccessPolicy"><code><span class="http-method">put</span> /policies/{id}</code></a></li>
+ </ul>
+ <h4><a href="index.html#Tenants">Tenants</a></h4>
+ <ul>
+ <li><a href="index.html#createUser"><code><span class="http-method">post</span> /tenants/users</code></a></li>
+ <li><a href="index.html#createUserGroup"><code><span class="http-method">post</span> /tenants/user-groups</code></a></li>
+ <li><a href="index.html#getUser"><code><span class="http-method">get</span> /tenants/users/{id}</code></a></li>
+ <li><a href="index.html#getUserGroup"><code><span class="http-method">get</span> /tenants/user-groups/{id}</code></a></li>
+ <li><a href="index.html#getUserGroups"><code><span class="http-method">get</span> /tenants/user-groups</code></a></li>
+ <li><a href="index.html#getUsers"><code><span class="http-method">get</span> /tenants/users</code></a></li>
+ <li><a href="index.html#removeUser"><code><span class="http-method">delete</span> /tenants/users/{id}</code></a></li>
+ <li><a href="index.html#removeUserGroup"><code><span class="http-method">delete</span> /tenants/user-groups/{id}</code></a></li>
+ <li><a href="index.html#updateUser"><code><span class="http-method">put</span> /tenants/users/{id}</code></a></li>
+ <li><a href="index.html#updateUserGroup"><code><span class="http-method">put</span> /tenants/user-groups/{id}</code></a></li>
+ </ul>
+
+ <h1><a name="About">About</a></h1>
+ <div class="method"><a name="getVersion"></a>
+ <div class="method-path">
+ <a class="up" href="index.html#__Methods">Up</a>
+ <pre class="get"><code class="huge"><span class="http-method">get</span> /about</code></pre></div>
+ <div class="method-summary">Get version (<span class="nickname">getVersion</span>)</div>
+ <div class="method-notes">Gets the NiFi Registry version.</div>
+
+
+
+
+
+
+
+ <h3 class="field-label">Return type</h3>
+ <div class="return-type">
+ <a href="index.html#RegistryAbout">RegistryAbout</a>
+
+ </div>
+
+ <!--Todo: process Response Object and its headers, schema, examples -->
+
+ <h3 class="field-label">Example data</h3>
+ <div class="example-data-content-type">Content-Type: application/json</div>
+ <pre class="example"><code>{
+ "registryAboutVersion" : "registryAboutVersion"
+}</code></pre>
+
+ <h3 class="field-label">Produces</h3>
+ This API call produces the following media types according to the <span class="header">Accept</span> request header;
+ the media type will be conveyed by the <span class="header">Content-Type</span> response header.
+ <ul>
+ <li><code>application/json</code></li>
+ </ul>
+
+ <h3 class="field-label">Responses</h3>
+ <h4 class="field-label">200</h4>
+ successful operation
+ <a href="index.html#RegistryAbout">RegistryAbout</a>
+ </div> <!-- method -->
+ <hr/>
+ <h1><a name="Access">Access</a></h1>
+ <div class="method"><a name="createAccessTokenByTryingAllProviders"></a>
+ <div class="method-path">
+ <a class="up" href="index.html#__Methods">Up</a>
+ <pre class="post"><code class="huge"><span class="http-method">post</span> /access/token</code></pre></div>
+ <div class="method-summary">Create token trying all providers (<span class="nickname">createAccessTokenByTryingAllProviders</span>)</div>
+ <div class="method-notes">Creates a token for accessing the REST API via auto-detected method of verifying client identity claim credentials. The token returned is formatted as a JSON Web Token (JWT). The token is base64 encoded and comprised of three parts. The header, the body, and the signature. The expiration of the token is a contained within the body. The token can be used in the Authorization header in the format 'Authorization: Bearer <token>'.</div>
+
+
+
+
+
+
+
+ <h3 class="field-label">Return type</h3>
+ <div class="return-type">
+
+ String
+ </div>
+
+ <!--Todo: process Response Object and its headers, schema, examples -->
+
+ <h3 class="field-label">Example data</h3>
+ <div class="example-data-content-type">Content-Type: application/json</div>
+ <pre class="example"><code>""</code></pre>
+
+ <h3 class="field-label">Produces</h3>
+ This API call produces the following media types according to the <span class="header">Accept</span> request header;
+ the media type will be conveyed by the <span class="header">Content-Type</span> response header.
+ <ul>
+ <li><code>text/plain</code></li>
+ </ul>
+
+ <h3 class="field-label">Responses</h3>
+ <h4 class="field-label">200</h4>
+ successful operation
+ <a href="index.html#String">String</a>
+ <h4 class="field-label">400</h4>
+ NiFi Registry was unable to complete the request because it was invalid. The request should not be retried without modification.
+ <a href="index.html#"></a>
+ <h4 class="field-label">401</h4>
+ Client could not be authenticated.
+ <a href="index.html#"></a>
+ <h4 class="field-label">409</h4>
+ NiFi Registry was unable to complete the request because it assumes a server state that is not valid. The NiFi Registry may not be configured to support login with username/password.
+ <a href="index.html#"></a>
+ <h4 class="field-label">500</h4>
+ NiFi Registry was unable to complete the request because an unexpected error occurred.
+ <a href="index.html#"></a>
+ </div> <!-- method -->
+ <hr/>
+ <div class="method"><a name="createAccessTokenUsingBasicAuthCredentials"></a>
+ <div class="method-path">
+ <a class="up" href="index.html#__Methods">Up</a>
+ <pre class="post"><code class="huge"><span class="http-method">post</span> /access/token/login</code></pre></div>
+ <div class="method-summary">Create token using basic auth (<span class="nickname">createAccessTokenUsingBasicAuthCredentials</span>)</div>
+ <div class="method-notes">Creates a token for accessing the REST API via username/password. The user credentials must be passed in standard HTTP Basic Auth format. That is: 'Authorization: Basic <credentials>', where <credentials> is the base64 encoded value of '<username>:<password>'. The token returned is formatted as a JSON Web Token (JWT). The token is base64 encoded and comprised of three parts. The header, the body, and the signature. The expiration of the token is a contained [...]
+
+
+
+
+
+
+
+ <h3 class="field-label">Return type</h3>
+ <div class="return-type">
+
+ String
+ </div>
+
+ <!--Todo: process Response Object and its headers, schema, examples -->
+
+ <h3 class="field-label">Example data</h3>
+ <div class="example-data-content-type">Content-Type: application/json</div>
+ <pre class="example"><code>""</code></pre>
+
+ <h3 class="field-label">Produces</h3>
+ This API call produces the following media types according to the <span class="header">Accept</span> request header;
+ the media type will be conveyed by the <span class="header">Content-Type</span> response header.
+ <ul>
+ <li><code>text/plain</code></li>
+ </ul>
+
+ <h3 class="field-label">Responses</h3>
+ <h4 class="field-label">200</h4>
+ successful operation
+ <a href="index.html#String">String</a>
+ <h4 class="field-label">400</h4>
+ NiFi Registry was unable to complete the request because it was invalid. The request should not be retried without modification.
+ <a href="index.html#"></a>
+ <h4 class="field-label">401</h4>
+ Client could not be authenticated.
+ <a href="index.html#"></a>
+ <h4 class="field-label">409</h4>
+ NiFi Registry was unable to complete the request because it assumes a server state that is not valid. The NiFi Registry may not be configured to support login with username/password.
+ <a href="index.html#"></a>
+ <h4 class="field-label">500</h4>
+ NiFi Registry was unable to complete the request because an unexpected error occurred.
+ <a href="index.html#"></a>
+ </div> <!-- method -->
+ <hr/>
+ <div class="method"><a name="createAccessTokenUsingIdentityProviderCredentials"></a>
+ <div class="method-path">
+ <a class="up" href="index.html#__Methods">Up</a>
+ <pre class="post"><code class="huge"><span class="http-method">post</span> /access/token/identity-provider</code></pre></div>
+ <div class="method-summary">Create token using identity provider (<span class="nickname">createAccessTokenUsingIdentityProviderCredentials</span>)</div>
+ <div class="method-notes">Creates a token for accessing the REST API via a custom identity provider. The user credentials must be passed in a format understood by the custom identity provider, e.g., a third-party auth token in an HTTP header. The exact format of the user credentials expected by the custom identity provider can be discovered by 'GET /access/token/identity-provider/usage'. The token returned is formatted as a JSON Web Token (JWT). The token is base64 encoded and compri [...]
+
+
+
+
+
+
+
+ <h3 class="field-label">Return type</h3>
+ <div class="return-type">
+
+ String
+ </div>
+
+ <!--Todo: process Response Object and its headers, schema, examples -->
+
+ <h3 class="field-label">Example data</h3>
+ <div class="example-data-content-type">Content-Type: application/json</div>
+ <pre class="example"><code>""</code></pre>
+
+ <h3 class="field-label">Produces</h3>
+ This API call produces the following media types according to the <span class="header">Accept</span> request header;
+ the media type will be conveyed by the <span class="header">Content-Type</span> response header.
+ <ul>
+ <li><code>text/plain</code></li>
+ </ul>
+
+ <h3 class="field-label">Responses</h3>
+ <h4 class="field-label">200</h4>
+ successful operation
+ <a href="index.html#String">String</a>
+ <h4 class="field-label">400</h4>
+ NiFi Registry was unable to complete the request because it was invalid. The request should not be retried without modification.
+ <a href="index.html#"></a>
+ <h4 class="field-label">401</h4>
+ Client could not be authenticated.
+ <a href="index.html#"></a>
+ <h4 class="field-label">409</h4>
+ NiFi Registry was unable to complete the request because it assumes a server state that is not valid. The NiFi Registry may not be configured to support login with customized credentials.
+ <a href="index.html#"></a>
+ <h4 class="field-label">500</h4>
+ NiFi Registry was unable to complete the request because an unexpected error occurred.
+ <a href="index.html#"></a>
+ </div> <!-- method -->
+ <hr/>
+ <div class="method"><a name="createAccessTokenUsingKerberosTicket"></a>
+ <div class="method-path">
+ <a class="up" href="index.html#__Methods">Up</a>
+ <pre class="post"><code class="huge"><span class="http-method">post</span> /access/token/kerberos</code></pre></div>
+ <div class="method-summary">Create token using kerberos (<span class="nickname">createAccessTokenUsingKerberosTicket</span>)</div>
+ <div class="method-notes">Creates a token for accessing the REST API via Kerberos Service Tickets or SPNEGO Tokens (which includes Kerberos Service Tickets). The token returned is formatted as a JSON Web Token (JWT). The token is base64 encoded and comprised of three parts. The header, the body, and the signature. The expiration of the token is a contained within the body. The token can be used in the Authorization header in the format 'Authorization: Bearer <token>'.</div>
+
+
+
+
+
+
+
+ <h3 class="field-label">Return type</h3>
+ <div class="return-type">
+
+ String
+ </div>
+
+ <!--Todo: process Response Object and its headers, schema, examples -->
+
+ <h3 class="field-label">Example data</h3>
+ <div class="example-data-content-type">Content-Type: application/json</div>
+ <pre class="example"><code>""</code></pre>
+
+ <h3 class="field-label">Produces</h3>
+ This API call produces the following media types according to the <span class="header">Accept</span> request header;
+ the media type will be conveyed by the <span class="header">Content-Type</span> response header.
+ <ul>
+ <li><code>text/plain</code></li>
+ </ul>
+
+ <h3 class="field-label">Responses</h3>
+ <h4 class="field-label">200</h4>
+ successful operation
+ <a href="index.html#String">String</a>
+ <h4 class="field-label">400</h4>
+ NiFi Registry was unable to complete the request because it was invalid. The request should not be retried without modification.
+ <a href="index.html#"></a>
+ <h4 class="field-label">401</h4>
+ Client could not be authenticated.
+ <a href="index.html#"></a>
+ <h4 class="field-label">409</h4>
+ NiFi Registry was unable to complete the request because it assumes a server state that is not valid. The NiFi Registry may not be configured to support login Kerberos credentials.
+ <a href="index.html#"></a>
+ <h4 class="field-label">500</h4>
+ NiFi Registry was unable to complete the request because an unexpected error occurred.
+ <a href="index.html#"></a>
+ </div> <!-- method -->
+ <hr/>
+ <div class="method"><a name="getAccessStatus"></a>
+ <div class="method-path">
+ <a class="up" href="index.html#__Methods">Up</a>
+ <pre class="get"><code class="huge"><span class="http-method">get</span> /access</code></pre></div>
+ <div class="method-summary">Get access status (<span class="nickname">getAccessStatus</span>)</div>
+ <div class="method-notes">Returns the current client's authenticated identity and permissions to top-level resources</div>
+
+
+
+
+
+
+
+ <h3 class="field-label">Return type</h3>
+ <div class="return-type">
+ <a href="index.html#CurrentUser">CurrentUser</a>
+
+ </div>
+
+ <!--Todo: process Response Object and its headers, schema, examples -->
+
+ <h3 class="field-label">Example data</h3>
+ <div class="example-data-content-type">Content-Type: application/json</div>
+ <pre class="example"><code>{
+ "oidcloginSupported" : true,
+ "resourcePermissions" : {
+ "buckets" : {
+ "canRead" : true,
+ "canWrite" : true,
+ "canDelete" : true
+ }
+ },
+ "identity" : "identity",
+ "anonymous" : true,
+ "loginSupported" : true
+}</code></pre>
+
+ <h3 class="field-label">Produces</h3>
+ This API call produces the following media types according to the <span class="header">Accept</span> request header;
+ the media type will be conveyed by the <span class="header">Content-Type</span> response header.
+ <ul>
+ <li><code>application/json</code></li>
+ </ul>
+
+ <h3 class="field-label">Responses</h3>
+ <h4 class="field-label">200</h4>
+ successful operation
+ <a href="index.html#CurrentUser">CurrentUser</a>
+ <h4 class="field-label">409</h4>
+ NiFi Registry was unable to complete the request because it assumes a server state that is not valid. The NiFi Registry might be running unsecured.
+ <a href="index.html#"></a>
+ </div> <!-- method -->
+ <hr/>
+ <div class="method"><a name="getIdentityProviderUsageInstructions"></a>
+ <div class="method-path">
+ <a class="up" href="index.html#__Methods">Up</a>
+ <pre class="get"><code class="huge"><span class="http-method">get</span> /access/token/identity-provider/usage</code></pre></div>
+ <div class="method-summary">Get identity provider usage (<span class="nickname">getIdentityProviderUsageInstructions</span>)</div>
+ <div class="method-notes">Provides a description of how the currently configured identity provider expects credentials to be passed to POST /access/token/identity-provider</div>
+
+
+
+
+
+
+
+ <h3 class="field-label">Return type</h3>
+ <div class="return-type">
+
+ String
+ </div>
+
+ <!--Todo: process Response Object and its headers, schema, examples -->
+
+ <h3 class="field-label">Example data</h3>
+ <div class="example-data-content-type">Content-Type: application/json</div>
+ <pre class="example"><code>""</code></pre>
+
+ <h3 class="field-label">Produces</h3>
+ This API call produces the following media types according to the <span class="header">Accept</span> request header;
+ the media type will be conveyed by the <span class="header">Content-Type</span> response header.
+ <ul>
+ <li><code>text/plain</code></li>
+ </ul>
+
+ <h3 class="field-label">Responses</h3>
+ <h4 class="field-label">200</h4>
+ successful operation
+ <a href="index.html#String">String</a>
+ <h4 class="field-label">400</h4>
+ NiFi Registry was unable to complete the request because it was invalid. The request should not be retried without modification.
+ <a href="index.html#"></a>
+ <h4 class="field-label">409</h4>
+ NiFi Registry was unable to complete the request because it assumes a server state that is not valid. The NiFi Registry may not be configured to support login with customized credentials.
+ <a href="index.html#"></a>
+ <h4 class="field-label">500</h4>
+ NiFi Registry was unable to complete the request because an unexpected error occurred.
+ <a href="index.html#"></a>
+ </div> <!-- method -->
+ <hr/>
+ <div class="method"><a name="logOut"></a>
+ <div class="method-path">
+ <a class="up" href="index.html#__Methods">Up</a>
+ <pre class="delete"><code class="huge"><span class="http-method">delete</span> /access/logout</code></pre></div>
+ <div class="method-summary">Performs a logout for other providers that have been issued a JWT. (<span class="nickname">logOut</span>)</div>
+ <div class="method-notes">NOTE: This endpoint is subject to change as NiFi Registry and its REST API evolve.</div>
+
+
+
+
+
+
+
+
+ <!--Todo: process Response Object and its headers, schema, examples -->
+
+
+
+ <h3 class="field-label">Responses</h3>
+ <h4 class="field-label">200</h4>
+ User was logged out successfully.
+ <a href="index.html#"></a>
+ <h4 class="field-label">401</h4>
+ Authentication token provided was empty or not in the correct JWT format.
+ <a href="index.html#"></a>
+ <h4 class="field-label">500</h4>
+ Client failed to log out.
+ <a href="index.html#"></a>
+ </div> <!-- method -->
+ <hr/>
+ <div class="method"><a name="oidcCallback"></a>
+ <div class="method-path">
+ <a class="up" href="index.html#__Methods">Up</a>
+ <pre class="get"><code class="huge"><span class="http-method">get</span> /access/oidc/callback</code></pre></div>
+ <div class="method-summary">Redirect/callback URI for processing the result of the OpenId Connect login sequence. (<span class="nickname">oidcCallback</span>)</div>
+ <div class="method-notes">NOTE: This endpoint is subject to change as NiFi Registry and its REST API evolve.</div>
+
+
+
+
+
+
+
+
+ <!--Todo: process Response Object and its headers, schema, examples -->
+
+
+
+ <h3 class="field-label">Responses</h3>
+ <h4 class="field-label">default</h4>
+ successful operation
+ <a href="index.html#"></a>
+ </div> <!-- method -->
+ <hr/>
+ <div class="method"><a name="oidcExchange"></a>
+ <div class="method-path">
+ <a class="up" href="index.html#__Methods">Up</a>
+ <pre class="post"><code class="huge"><span class="http-method">post</span> /access/oidc/exchange</code></pre></div>
+ <div class="method-summary">Retrieves a JWT following a successful login sequence using the configured OpenId Connect provider. (<span class="nickname">oidcExchange</span>)</div>
+ <div class="method-notes">NOTE: This endpoint is subject to change as NiFi Registry and its REST API evolve.</div>
+
+
+
+
+
+
+
+ <h3 class="field-label">Return type</h3>
+ <div class="return-type">
+
+ String
+ </div>
+
+ <!--Todo: process Response Object and its headers, schema, examples -->
+
+ <h3 class="field-label">Example data</h3>
+ <div class="example-data-content-type">Content-Type: application/json</div>
+ <pre class="example"><code>""</code></pre>
+
+ <h3 class="field-label">Produces</h3>
+ This API call produces the following media types according to the <span class="header">Accept</span> request header;
+ the media type will be conveyed by the <span class="header">Content-Type</span> response header.
+ <ul>
+ <li><code>text/plain</code></li>
+ </ul>
+
+ <h3 class="field-label">Responses</h3>
+ <h4 class="field-label">200</h4>
+ successful operation
+ <a href="index.html#String">String</a>
+ </div> <!-- method -->
+ <hr/>
+ <div class="method"><a name="oidcLogout"></a>
+ <div class="method-path">
+ <a class="up" href="index.html#__Methods">Up</a>
+ <pre class="delete"><code class="huge"><span class="http-method">delete</span> /access/oidc/logout</code></pre></div>
+ <div class="method-summary">Performs a logout in the OpenId Provider. (<span class="nickname">oidcLogout</span>)</div>
+ <div class="method-notes">NOTE: This endpoint is subject to change as NiFi Registry and its REST API evolve.</div>
+
+
+
+
+
+
+
+
+ <!--Todo: process Response Object and its headers, schema, examples -->
+
+
+
+ <h3 class="field-label">Responses</h3>
+ <h4 class="field-label">default</h4>
+ successful operation
+ <a href="index.html#"></a>
+ </div> <!-- method -->
+ <hr/>
+ <div class="method"><a name="oidcRequest"></a>
+ <div class="method-path">
+ <a class="up" href="index.html#__Methods">Up</a>
+ <pre class="get"><code class="huge"><span class="http-method">get</span> /access/oidc/request</code></pre></div>
+ <div class="method-summary">Initiates a request to authenticate through the configured OpenId Connect provider. (<span class="nickname">oidcRequest</span>)</div>
+ <div class="method-notes">NOTE: This endpoint is subject to change as NiFi Registry and its REST API evolve.</div>
+
+
+
+
+
+
+
+
+ <!--Todo: process Response Object and its headers, schema, examples -->
+
+
+
+ <h3 class="field-label">Responses</h3>
+ <h4 class="field-label">default</h4>
+ successful operation
+ <a href="index.html#"></a>
+ </div> <!-- method -->
+ <hr/>
+ <div class="method"><a name="testIdentityProviderRecognizesCredentialsFormat"></a>
+ <div class="method-path">
+ <a class="up" href="index.html#__Methods">Up</a>
+ <pre class="post"><code class="huge"><span class="http-method">post</span> /access/token/identity-provider/test</code></pre></div>
+ <div class="method-summary">Test identity provider (<span class="nickname">testIdentityProviderRecognizesCredentialsFormat</span>)</div>
+ <div class="method-notes">Tests the format of the credentials against this identity provider without preforming authentication on the credentials to validate them. The user credentials should be passed in a format understood by the custom identity provider as defined by 'GET /access/token/identity-provider/usage'.</div>
+
+
+
+
+
+
+
+ <h3 class="field-label">Return type</h3>
+ <div class="return-type">
+
+ String
+ </div>
+
+ <!--Todo: process Response Object and its headers, schema, examples -->
+
+ <h3 class="field-label">Example data</h3>
+ <div class="example-data-content-type">Content-Type: application/json</div>
+ <pre class="example"><code>""</code></pre>
+
+ <h3 class="field-label">Produces</h3>
+ This API call produces the following media types according to the <span class="header">Accept</span> request header;
+ the media type will be conveyed by the <span class="header">Content-Type</span> response header.
+ <ul>
+ <li><code>text/plain</code></li>
+ </ul>
+
+ <h3 class="field-label">Responses</h3>
+ <h4 class="field-label">200</h4>
+ successful operation
+ <a href="index.html#String">String</a>
+ <h4 class="field-label">400</h4>
+ NiFi Registry was unable to complete the request because it was invalid. The request should not be retried without modification.
+ <a href="index.html#"></a>
+ <h4 class="field-label">401</h4>
+ The format of the credentials were not recognized by the currently configured identity provider.
+ <a href="index.html#"></a>
+ <h4 class="field-label">409</h4>
+ NiFi Registry was unable to complete the request because it assumes a server state that is not valid. The NiFi Registry may not be configured to support login with customized credentials.
+ <a href="index.html#"></a>
+ <h4 class="field-label">500</h4>
+ NiFi Registry was unable to complete the request because an unexpected error occurred.
+ <a href="index.html#"></a>
+ </div> <!-- method -->
+ <hr/>
+ <h1><a name="BucketBundles">BucketBundles</a></h1>
+ <div class="method"><a name="createExtensionBundleVersion"></a>
+ <div class="method-path">
+ <a class="up" href="index.html#__Methods">Up</a>
+ <pre class="post"><code class="huge"><span class="http-method">post</span> /buckets/{bucketId}/bundles/{bundleType}</code></pre></div>
+ <div class="method-summary">Create extension bundle version (<span class="nickname">createExtensionBundleVersion</span>)</div>
+ <div class="method-notes"><p>Creates a version of an extension bundle by uploading a binary artifact. If an extension bundle already exists in the given bucket with the same group id and artifact id as that of the bundle being uploaded, then it will be added as a new version to the existing bundle. If an extension bundle does not already exist in the given bucket with the same group id and artifact id, then a new extension bundle will be created and this version will be added to the [...]
+<p>NOTE: This endpoint is subject to change as NiFi Registry and its REST API evolve.</p>
+</div>
+
+ <h3 class="field-label">Path parameters</h3>
+ <div class="field-items">
+ <div class="param">bucketId (required)</div>
+
+ <div class="param-desc"><span class="param-type">Path Parameter</span> — The bucket identifier </div> <div class="param">bundleType (required)</div>
+
+ <div class="param-desc"><span class="param-type">Path Parameter</span> — The type of the bundle </div> </div> <!-- field-items -->
+
+
+
+
+
+
+ <h3 class="field-label">Return type</h3>
+ <div class="return-type">
+ <a href="index.html#BundleVersion">BundleVersion</a>
+
+ </div>
+
+ <!--Todo: process Response Object and its headers, schema, examples -->
+
+ <h3 class="field-label">Example data</h3>
+ <div class="example-data-content-type">Content-Type: application/json</div>
+ <pre class="example"><code>{
+ "bucket" : {
+ "identifier" : "identifier",
+ "allowBundleRedeploy" : true,
+ "permissions" : {
+ "canRead" : true,
+ "canWrite" : true,
+ "canDelete" : true
+ },
+ "createdTimestamp" : 1,
+ "link" : {
+ "href" : "http://example.com/aeiou",
+ "params" : {
+ "key" : "params"
+ }
+ },
+ "name" : "name",
+ "description" : "description",
+ "allowPublicRead" : true,
+ "revision" : {
+ "clientId" : "clientId",
+ "lastModifier" : "lastModifier",
+ "version" : 6
+ }
+ },
+ "filename" : "filename",
+ "link" : {
+ "href" : "http://example.com/aeiou",
+ "params" : {
+ "key" : "params"
+ }
+ },
+ "versionMetadata" : {
+ "sha256" : "sha256",
+ "buildInfo" : {
+ "buildBranch" : "buildBranch",
+ "builtBy" : "builtBy",
+ "buildTag" : "buildTag",
+ "buildRevision" : "buildRevision",
+ "built" : 1,
+ "buildTool" : "buildTool",
+ "buildFlags" : "buildFlags"
+ },
+ "author" : "author",
+ "groupId" : "groupId",
+ "bundleId" : "bundleId",
+ "description" : "description",
+ "bucketId" : "bucketId",
+ "version" : "version",
+ "sha256Supplied" : true,
+ "contentSize" : 0,
+ "artifactId" : "artifactId",
+ "id" : "id",
+ "timestamp" : 1,
+ "systemApiVersion" : "systemApiVersion"
+ },
+ "bundle" : {
+ "versionCount" : 0,
+ "identifier" : "identifier",
+ "bucketName" : "bucketName",
+ "createdTimestamp" : 1,
+ "groupId" : "groupId",
+ "link" : {
+ "href" : "http://example.com/aeiou",
+ "params" : {
+ "key" : "params"
+ }
+ },
+ "description" : "description",
+ "bucketIdentifier" : "bucketIdentifier",
+ "bundleType" : "NIFI_NAR",
+ "type" : "Flow",
+ "permissions" : {
+ "canRead" : true,
+ "canWrite" : true,
+ "canDelete" : true
+ },
+ "name" : "name",
+ "modifiedTimestamp" : 1,
+ "artifactId" : "artifactId"
+ },
+ "dependencies" : [ {
+ "groupId" : "groupId",
+ "artifactId" : "artifactId",
+ "version" : "version"
+ }, {
+ "groupId" : "groupId",
+ "artifactId" : "artifactId",
+ "version" : "version"
+ } ]
+}</code></pre>
+
+ <h3 class="field-label">Produces</h3>
+ This API call produces the following media types according to the <span class="header">Accept</span> request header;
+ the media type will be conveyed by the <span class="header">Content-Type</span> response header.
+ <ul>
+ <li><code>application/json</code></li>
+ </ul>
+
+ <h3 class="field-label">Responses</h3>
+ <h4 class="field-label">200</h4>
+ successful operation
+ <a href="index.html#BundleVersion">BundleVersion</a>
+ <h4 class="field-label">400</h4>
+ NiFi Registry was unable to complete the request because it was invalid. The request should not be retried without modification.
+ <a href="index.html#"></a>
+ <h4 class="field-label">401</h4>
+ Client could not be authenticated.
+ <a href="index.html#"></a>
+ <h4 class="field-label">403</h4>
+ Client is not authorized to make this request.
+ <a href="index.html#"></a>
+ <h4 class="field-label">404</h4>
+ The specified resource could not be found.
+ <a href="index.html#"></a>
+ <h4 class="field-label">409</h4>
+ NiFi Registry was unable to complete the request because it assumes a server state that is not valid.
+ <a href="index.html#"></a>
+ </div> <!-- method -->
+ <hr/>
+ <div class="method"><a name="getExtensionBundles"></a>
+ <div class="method-path">
+ <a class="up" href="index.html#__Methods">Up</a>
+ <pre class="get"><code class="huge"><span class="http-method">get</span> /buckets/{bucketId}/bundles</code></pre></div>
+ <div class="method-summary">Get extension bundles by bucket (<span class="nickname">getExtensionBundles</span>)</div>
+ <div class="method-notes">NOTE: This endpoint is subject to change as NiFi Registry and its REST API evolve.</div>
+
+ <h3 class="field-label">Path parameters</h3>
+ <div class="field-items">
+ <div class="param">bucketId (required)</div>
+
+ <div class="param-desc"><span class="param-type">Path Parameter</span> — The bucket identifier </div> </div> <!-- field-items -->
+
+
+
+
+
+
+ <h3 class="field-label">Return type</h3>
+ <div class="return-type">
+ array[<a href="index.html#ExtensionBundle">ExtensionBundle</a>]
+
+ </div>
+
+ <!--Todo: process Response Object and its headers, schema, examples -->
+
+ <h3 class="field-label">Example data</h3>
+ <div class="example-data-content-type">Content-Type: application/json</div>
+ <pre class="example"><code>[ {
+ "versionCount" : 0,
+ "identifier" : "identifier",
+ "bucketName" : "bucketName",
+ "createdTimestamp" : 1,
+ "groupId" : "groupId",
+ "link" : {
+ "href" : "http://example.com/aeiou",
+ "params" : {
+ "key" : "params"
+ }
+ },
+ "description" : "description",
+ "bucketIdentifier" : "bucketIdentifier",
+ "bundleType" : "NIFI_NAR",
+ "type" : "Flow",
+ "permissions" : {
+ "canRead" : true,
+ "canWrite" : true,
+ "canDelete" : true
+ },
+ "name" : "name",
+ "modifiedTimestamp" : 1,
+ "artifactId" : "artifactId"
+}, {
+ "versionCount" : 0,
+ "identifier" : "identifier",
+ "bucketName" : "bucketName",
+ "createdTimestamp" : 1,
+ "groupId" : "groupId",
+ "link" : {
+ "href" : "http://example.com/aeiou",
+ "params" : {
+ "key" : "params"
+ }
+ },
+ "description" : "description",
+ "bucketIdentifier" : "bucketIdentifier",
+ "bundleType" : "NIFI_NAR",
+ "type" : "Flow",
+ "permissions" : {
+ "canRead" : true,
+ "canWrite" : true,
+ "canDelete" : true
+ },
+ "name" : "name",
+ "modifiedTimestamp" : 1,
+ "artifactId" : "artifactId"
+} ]</code></pre>
+
+ <h3 class="field-label">Produces</h3>
+ This API call produces the following media types according to the <span class="header">Accept</span> request header;
+ the media type will be conveyed by the <span class="header">Content-Type</span> response header.
+ <ul>
+ <li><code>application/json</code></li>
+ </ul>
+
+ <h3 class="field-label">Responses</h3>
+ <h4 class="field-label">200</h4>
+ successful operation
+
+ <h4 class="field-label">400</h4>
+ NiFi Registry was unable to complete the request because it was invalid. The request should not be retried without modification.
+ <a href="index.html#"></a>
+ <h4 class="field-label">401</h4>
+ Client could not be authenticated.
+ <a href="index.html#"></a>
+ <h4 class="field-label">403</h4>
+ Client is not authorized to make this request.
+ <a href="index.html#"></a>
+ <h4 class="field-label">404</h4>
+ The specified resource could not be found.
+ <a href="index.html#"></a>
+ <h4 class="field-label">409</h4>
+ NiFi Registry was unable to complete the request because it assumes a server state that is not valid.
+ <a href="index.html#"></a>
+ </div> <!-- method -->
+ <hr/>
+ <h1><a name="BucketFlows">BucketFlows</a></h1>
+ <div class="method"><a name="createFlow"></a>
+ <div class="method-path">
+ <a class="up" href="index.html#__Methods">Up</a>
+ <pre class="post"><code class="huge"><span class="http-method">post</span> /buckets/{bucketId}/flows</code></pre></div>
+ <div class="method-summary">Create flow (<span class="nickname">createFlow</span>)</div>
+ <div class="method-notes">Creates a flow in the given bucket. The flow id is created by the server and populated in the returned entity.</div>
+
+ <h3 class="field-label">Path parameters</h3>
+ <div class="field-items">
+ <div class="param">bucketId (required)</div>
+
+ <div class="param-desc"><span class="param-type">Path Parameter</span> — The bucket identifier </div> </div> <!-- field-items -->
+
+ <h3 class="field-label">Consumes</h3>
+ This API call consumes the following media types via the <span class="header">Content-Type</span> request header:
+ <ul>
+ <li><code>application/json</code></li>
+ </ul>
+
+ <h3 class="field-label">Request body</h3>
+ <div class="field-items">
+ <div class="param">body <a href="index.html#VersionedFlow">VersionedFlow</a> (required)</div>
+
+ <div class="param-desc"><span class="param-type">Body Parameter</span> — The details of the flow to create. </div>
+ </div> <!-- field-items -->
+
+
+
+
+ <h3 class="field-label">Return type</h3>
+ <div class="return-type">
+ <a href="index.html#VersionedFlow">VersionedFlow</a>
+
+ </div>
+
+ <!--Todo: process Response Object and its headers, schema, examples -->
+
+ <h3 class="field-label">Example data</h3>
+ <div class="example-data-content-type">Content-Type: application/json</div>
+ <pre class="example"><code>{
+ "versionCount" : 0,
+ "identifier" : "identifier",
+ "bucketName" : "bucketName",
+ "permissions" : {
+ "canRead" : true,
+ "canWrite" : true,
+ "canDelete" : true
+ },
+ "createdTimestamp" : 1,
+ "link" : {
+ "href" : "http://example.com/aeiou",
+ "params" : {
+ "key" : "params"
+ }
+ },
+ "name" : "name",
+ "description" : "description",
+ "modifiedTimestamp" : 1,
+ "bucketIdentifier" : "bucketIdentifier",
+ "type" : "Flow",
+ "revision" : {
+ "clientId" : "clientId",
+ "lastModifier" : "lastModifier",
+ "version" : 6
+ }
+}</code></pre>
+
+ <h3 class="field-label">Produces</h3>
+ This API call produces the following media types according to the <span class="header">Accept</span> request header;
+ the media type will be conveyed by the <span class="header">Content-Type</span> response header.
+ <ul>
+ <li><code>application/json</code></li>
+ </ul>
+
+ <h3 class="field-label">Responses</h3>
+ <h4 class="field-label">200</h4>
+ successful operation
+ <a href="index.html#VersionedFlow">VersionedFlow</a>
+ <h4 class="field-label">400</h4>
+ NiFi Registry was unable to complete the request because it was invalid. The request should not be retried without modification.
+ <a href="index.html#"></a>
+ <h4 class="field-label">401</h4>
+ Client could not be authenticated.
+ <a href="index.html#"></a>
+ <h4 class="field-label">403</h4>
+ Client is not authorized to make this request.
+ <a href="index.html#"></a>
+ <h4 class="field-label">404</h4>
+ The specified resource could not be found.
+ <a href="index.html#"></a>
+ <h4 class="field-label">409</h4>
+ NiFi Registry was unable to complete the request because it assumes a server state that is not valid.
+ <a href="index.html#"></a>
+ </div> <!-- method -->
+ <hr/>
+ <div class="method"><a name="createFlowVersion"></a>
+ <div class="method-path">
+ <a class="up" href="index.html#__Methods">Up</a>
+ <pre class="post"><code class="huge"><span class="http-method">post</span> /buckets/{bucketId}/flows/{flowId}/versions</code></pre></div>
+ <div class="method-summary">Create flow version (<span class="nickname">createFlowVersion</span>)</div>
+ <div class="method-notes">Creates the next version of a flow. The version number of the object being created must be the next available version integer. Flow versions are immutable after they are created.</div>
+
+ <h3 class="field-label">Path parameters</h3>
+ <div class="field-items">
+ <div class="param">bucketId (required)</div>
+
+ <div class="param-desc"><span class="param-type">Path Parameter</span> — The bucket identifier </div> <div class="param">flowId (required)</div>
+
+ <div class="param-desc"><span class="param-type">Path Parameter</span> — The flow identifier </div> </div> <!-- field-items -->
+
+ <h3 class="field-label">Consumes</h3>
+ This API call consumes the following media types via the <span class="header">Content-Type</span> request header:
+ <ul>
+ <li><code>*/*</code></li>
+ </ul>
+
+ <h3 class="field-label">Request body</h3>
+ <div class="field-items">
+ <div class="param">body <a href="index.html#VersionedFlowSnapshot">VersionedFlowSnapshot</a> (required)</div>
+
+ <div class="param-desc"><span class="param-type">Body Parameter</span> — The new versioned flow snapshot. </div>
+ </div> <!-- field-items -->
+
+
+
+
+ <h3 class="field-label">Return type</h3>
+ <div class="return-type">
+ <a href="index.html#VersionedFlowSnapshot">VersionedFlowSnapshot</a>
+
+ </div>
+
+ <!--Todo: process Response Object and its headers, schema, examples -->
+
+ <h3 class="field-label">Example data</h3>
+ <div class="example-data-content-type">Content-Type: application/json</div>
+ <pre class="example"><code>{
+ "bucket" : {
+ "identifier" : "identifier",
+ "allowBundleRedeploy" : true,
+ "permissions" : {
+ "canRead" : true,
+ "canWrite" : true,
+ "canDelete" : true
+ },
+ "createdTimestamp" : 1,
+ "link" : {
+ "href" : "http://example.com/aeiou",
+ "params" : {
+ "key" : "params"
+ }
+ },
+ "name" : "name",
+ "description" : "description",
+ "allowPublicRead" : true,
+ "revision" : {
+ "clientId" : "clientId",
+ "lastModifier" : "lastModifier",
+ "version" : 6
+ }
+ },
+ "snapshotMetadata" : {
+ "flowIdentifier" : "flowIdentifier",
+ "comments" : "comments",
+ "author" : "author",
+ "link" : {
+ "href" : "http://example.com/aeiou",
+ "params" : {
+ "key" : "params"
+ }
+ },
+ "bucketIdentifier" : "bucketIdentifier",
+ "version" : 0,
+ "timestamp" : 1
+ },
+ "externalControllerServices" : {
+ "key" : {
+ "identifier" : "identifier",
+ "name" : "name"
+ }
+ },
+ "flowContents" : {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "variables" : {
+ "key" : "variables"
+ },
+ "defaultBackPressureObjectThreshold" : 7,
+ "comments" : "comments",
+ "processors" : [ {
+ "autoTerminatedRelationships" : [ "autoTerminatedRelationships", "autoTerminatedRelationships" ],
+ "bulletinLevel" : "bulletinLevel",
+ "executionNode" : "executionNode",
+ "runDurationMillis" : 2,
+ "type" : "type",
+ "propertyDescriptors" : {
+ "key" : {
+ "resourceDefinition" : {
+ "resourceTypes" : [ "FILE", "FILE" ],
+ "cardinality" : "SINGLE"
+ },
+ "displayName" : "displayName",
+ "identifiesControllerService" : true,
+ "name" : "name",
+ "sensitive" : true
+ }
+ },
+ "scheduledState" : "ENABLED",
+ "maxBackoffPeriod" : "maxBackoffPeriod",
+ "yieldDuration" : "yieldDuration",
+ "bundle" : {
+ "artifact" : "artifact",
+ "version" : "version",
+ "group" : "group"
+ },
+ "retriedRelationships" : [ "retriedRelationships", "retriedRelationships" ],
+ "annotationData" : "annotationData",
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "comments" : "comments",
+ "concurrentlySchedulableTaskCount" : 7,
+ "retryCount" : 9,
+ "penaltyDuration" : "penaltyDuration",
+ "backoffMechanism" : "PENALIZE_FLOWFILE",
+ "schedulingStrategy" : "schedulingStrategy",
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "style" : {
+ "key" : "style"
+ },
+ "schedulingPeriod" : "schedulingPeriod",
+ "groupIdentifier" : "groupIdentifier",
+ "properties" : {
+ "key" : "properties"
+ }
+ }, {
+ "autoTerminatedRelationships" : [ "autoTerminatedRelationships", "autoTerminatedRelationships" ],
+ "bulletinLevel" : "bulletinLevel",
+ "executionNode" : "executionNode",
+ "runDurationMillis" : 2,
+ "type" : "type",
+ "propertyDescriptors" : {
+ "key" : {
+ "resourceDefinition" : {
+ "resourceTypes" : [ "FILE", "FILE" ],
+ "cardinality" : "SINGLE"
+ },
+ "displayName" : "displayName",
+ "identifiesControllerService" : true,
+ "name" : "name",
+ "sensitive" : true
+ }
+ },
+ "scheduledState" : "ENABLED",
+ "maxBackoffPeriod" : "maxBackoffPeriod",
+ "yieldDuration" : "yieldDuration",
+ "bundle" : {
+ "artifact" : "artifact",
+ "version" : "version",
+ "group" : "group"
+ },
+ "retriedRelationships" : [ "retriedRelationships", "retriedRelationships" ],
+ "annotationData" : "annotationData",
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "comments" : "comments",
+ "concurrentlySchedulableTaskCount" : 7,
+ "retryCount" : 9,
+ "penaltyDuration" : "penaltyDuration",
+ "backoffMechanism" : "PENALIZE_FLOWFILE",
+ "schedulingStrategy" : "schedulingStrategy",
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "style" : {
+ "key" : "style"
+ },
+ "schedulingPeriod" : "schedulingPeriod",
+ "groupIdentifier" : "groupIdentifier",
+ "properties" : {
+ "key" : "properties"
+ }
+ } ],
+ "labels" : [ {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "comments" : "comments",
+ "name" : "name",
+ "width" : 1.0246457001441578,
+ "instanceIdentifier" : "instanceIdentifier",
+ "style" : {
+ "key" : "style"
+ },
+ "label" : "label",
+ "groupIdentifier" : "groupIdentifier",
+ "zIndex" : 1,
+ "height" : 1.4894159098541704
+ }, {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "comments" : "comments",
+ "name" : "name",
+ "width" : 1.0246457001441578,
+ "instanceIdentifier" : "instanceIdentifier",
+ "style" : {
+ "key" : "style"
+ },
+ "label" : "label",
+ "groupIdentifier" : "groupIdentifier",
+ "zIndex" : 1,
+ "height" : 1.4894159098541704
+ } ],
+ "defaultBackPressureDataSizeThreshold" : "defaultBackPressureDataSizeThreshold",
+ "controllerServices" : [ {
+ "annotationData" : "annotationData",
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "comments" : "comments",
+ "type" : "type",
+ "propertyDescriptors" : { },
+ "scheduledState" : "ENABLED",
+ "controllerServiceApis" : [ {
+ "type" : "type"
+ }, {
+ "type" : "type"
+ } ],
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "groupIdentifier" : "groupIdentifier",
+ "properties" : {
+ "key" : "properties"
+ }
+ }, {
+ "annotationData" : "annotationData",
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "comments" : "comments",
+ "type" : "type",
+ "propertyDescriptors" : { },
+ "scheduledState" : "ENABLED",
+ "controllerServiceApis" : [ {
+ "type" : "type"
+ }, {
+ "type" : "type"
+ } ],
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "groupIdentifier" : "groupIdentifier",
+ "properties" : {
+ "key" : "properties"
+ }
+ } ],
+ "defaultFlowFileExpiration" : "defaultFlowFileExpiration",
+ "flowFileConcurrency" : "flowFileConcurrency",
+ "processGroups" : [ null, null ],
+ "flowFileOutboundPolicy" : "flowFileOutboundPolicy",
+ "outputPorts" : [ null, null ],
+ "name" : "name",
+ "inputPorts" : [ {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "comments" : "comments",
+ "allowRemoteAccess" : true,
+ "concurrentlySchedulableTaskCount" : 3,
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "type" : "INPUT_PORT",
+ "groupIdentifier" : "groupIdentifier",
+ "scheduledState" : "ENABLED"
+ }, {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "comments" : "comments",
+ "allowRemoteAccess" : true,
+ "concurrentlySchedulableTaskCount" : 3,
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "type" : "INPUT_PORT",
+ "groupIdentifier" : "groupIdentifier",
+ "scheduledState" : "ENABLED"
+ } ],
+ "funnels" : [ {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "comments" : "comments",
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "groupIdentifier" : "groupIdentifier"
+ }, {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "comments" : "comments",
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "groupIdentifier" : "groupIdentifier"
+ } ],
+ "instanceIdentifier" : "instanceIdentifier",
+ "position" : {
+ "x" : 0.8008281904610115,
+ "y" : 6.027456183070403
+ },
+ "versionedFlowCoordinates" : {
+ "registryUrl" : "registryUrl",
+ "bucketId" : "bucketId",
+ "flowId" : "flowId",
+ "version" : 6,
+ "latest" : true
+ },
+ "remoteProcessGroups" : [ {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "comments" : "comments",
+ "communicationsTimeout" : "communicationsTimeout",
+ "proxyHost" : "proxyHost",
+ "proxyPort" : 1,
+ "transportProtocol" : "RAW",
+ "outputPorts" : [ null, null ],
+ "name" : "name",
+ "targetUri" : "targetUri",
+ "proxyUser" : "proxyUser",
+ "targetUris" : "targetUris",
+ "inputPorts" : [ {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "remoteGroupId" : "remoteGroupId",
+ "comments" : "comments",
+ "targetId" : "targetId",
+ "concurrentlySchedulableTaskCount" : 5,
+ "useCompression" : true,
+ "scheduledState" : "ENABLED",
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "batchSize" : {
+ "duration" : "duration",
+ "size" : "size",
+ "count" : 5
+ },
+ "groupIdentifier" : "groupIdentifier"
+ }, {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "remoteGroupId" : "remoteGroupId",
+ "comments" : "comments",
+ "targetId" : "targetId",
+ "concurrentlySchedulableTaskCount" : 5,
+ "useCompression" : true,
+ "scheduledState" : "ENABLED",
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "batchSize" : {
+ "duration" : "duration",
+ "size" : "size",
+ "count" : 5
+ },
+ "groupIdentifier" : "groupIdentifier"
+ } ],
+ "instanceIdentifier" : "instanceIdentifier",
+ "yieldDuration" : "yieldDuration",
+ "groupIdentifier" : "groupIdentifier",
+ "localNetworkInterface" : "localNetworkInterface"
+ }, {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "comments" : "comments",
+ "communicationsTimeout" : "communicationsTimeout",
+ "proxyHost" : "proxyHost",
+ "proxyPort" : 1,
+ "transportProtocol" : "RAW",
+ "outputPorts" : [ null, null ],
+ "name" : "name",
+ "targetUri" : "targetUri",
+ "proxyUser" : "proxyUser",
+ "targetUris" : "targetUris",
+ "inputPorts" : [ {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "remoteGroupId" : "remoteGroupId",
+ "comments" : "comments",
+ "targetId" : "targetId",
+ "concurrentlySchedulableTaskCount" : 5,
+ "useCompression" : true,
+ "scheduledState" : "ENABLED",
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "batchSize" : {
+ "duration" : "duration",
+ "size" : "size",
+ "count" : 5
+ },
+ "groupIdentifier" : "groupIdentifier"
+ }, {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "remoteGroupId" : "remoteGroupId",
+ "comments" : "comments",
+ "targetId" : "targetId",
+ "concurrentlySchedulableTaskCount" : 5,
+ "useCompression" : true,
+ "scheduledState" : "ENABLED",
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "batchSize" : {
+ "duration" : "duration",
+ "size" : "size",
+ "count" : 5
+ },
+ "groupIdentifier" : "groupIdentifier"
+ } ],
+ "instanceIdentifier" : "instanceIdentifier",
+ "yieldDuration" : "yieldDuration",
+ "groupIdentifier" : "groupIdentifier",
+ "localNetworkInterface" : "localNetworkInterface"
+ } ],
+ "groupIdentifier" : "groupIdentifier",
+ "connections" : [ {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "prioritizers" : [ "prioritizers", "prioritizers" ],
+ "comments" : "comments",
+ "flowFileExpiration" : "flowFileExpiration",
+ "selectedRelationships" : [ "selectedRelationships", "selectedRelationships" ],
+ "loadBalanceCompression" : "DO_NOT_COMPRESS",
+ "backPressureDataSizeThreshold" : "backPressureDataSizeThreshold",
+ "loadBalanceStrategy" : "DO_NOT_LOAD_BALANCE",
+ "source" : {
+ "comments" : "comments",
+ "groupId" : "groupId",
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "id" : "id",
+ "type" : "PROCESSOR"
+ },
+ "labelIndex" : 2,
+ "bends" : [ null, null ],
+ "backPressureObjectThreshold" : 7,
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "groupIdentifier" : "groupIdentifier",
+ "partitioningAttribute" : "partitioningAttribute",
+ "zIndex" : 4
+ }, {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "prioritizers" : [ "prioritizers", "prioritizers" ],
+ "comments" : "comments",
+ "flowFileExpiration" : "flowFileExpiration",
+ "selectedRelationships" : [ "selectedRelationships", "selectedRelationships" ],
+ "loadBalanceCompression" : "DO_NOT_COMPRESS",
+ "backPressureDataSizeThreshold" : "backPressureDataSizeThreshold",
+ "loadBalanceStrategy" : "DO_NOT_LOAD_BALANCE",
+ "source" : {
+ "comments" : "comments",
+ "groupId" : "groupId",
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "id" : "id",
+ "type" : "PROCESSOR"
+ },
+ "labelIndex" : 2,
+ "bends" : [ null, null ],
+ "backPressureObjectThreshold" : 7,
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "groupIdentifier" : "groupIdentifier",
+ "partitioningAttribute" : "partitioningAttribute",
+ "zIndex" : 4
+ } ],
+ "parameterContextName" : "parameterContextName"
+ },
+ "flowEncodingVersion" : "flowEncodingVersion",
+ "flow" : {
+ "versionCount" : 0,
+ "identifier" : "identifier",
+ "bucketName" : "bucketName",
+ "permissions" : {
+ "canRead" : true,
+ "canWrite" : true,
+ "canDelete" : true
+ },
+ "createdTimestamp" : 1,
+ "link" : {
+ "href" : "http://example.com/aeiou",
+ "params" : {
+ "key" : "params"
+ }
+ },
+ "name" : "name",
+ "description" : "description",
+ "modifiedTimestamp" : 1,
+ "bucketIdentifier" : "bucketIdentifier",
+ "type" : "Flow",
+ "revision" : {
+ "clientId" : "clientId",
+ "lastModifier" : "lastModifier",
+ "version" : 6
+ }
+ },
+ "parameterContexts" : {
+ "key" : {
+ "identifier" : "identifier",
+ "inheritedParameterContexts" : [ "inheritedParameterContexts", "inheritedParameterContexts" ],
+ "componentType" : "CONNECTION",
+ "comments" : "comments",
+ "name" : "name",
+ "description" : "description",
+ "instanceIdentifier" : "instanceIdentifier",
+ "groupIdentifier" : "groupIdentifier",
+ "parameters" : [ {
+ "name" : "name",
+ "description" : "description",
+ "sensitive" : true,
+ "value" : "value"
+ }, {
+ "name" : "name",
+ "description" : "description",
+ "sensitive" : true,
+ "value" : "value"
+ } ]
+ }
+ },
+ "latest" : true
+}</code></pre>
+
+ <h3 class="field-label">Produces</h3>
+ This API call produces the following media types according to the <span class="header">Accept</span> request header;
+ the media type will be conveyed by the <span class="header">Content-Type</span> response header.
+ <ul>
+ <li><code>application/json</code></li>
+ </ul>
+
+ <h3 class="field-label">Responses</h3>
+ <h4 class="field-label">200</h4>
+ successful operation
+ <a href="index.html#VersionedFlowSnapshot">VersionedFlowSnapshot</a>
+ <h4 class="field-label">400</h4>
+ NiFi Registry was unable to complete the request because it was invalid. The request should not be retried without modification.
+ <a href="index.html#"></a>
+ <h4 class="field-label">401</h4>
+ Client could not be authenticated.
+ <a href="index.html#"></a>
+ <h4 class="field-label">403</h4>
+ Client is not authorized to make this request.
+ <a href="index.html#"></a>
+ <h4 class="field-label">404</h4>
+ The specified resource could not be found.
+ <a href="index.html#"></a>
+ <h4 class="field-label">409</h4>
+ NiFi Registry was unable to complete the request because it assumes a server state that is not valid.
+ <a href="index.html#"></a>
+ </div> <!-- method -->
+ <hr/>
+ <div class="method"><a name="deleteFlow"></a>
+ <div class="method-path">
+ <a class="up" href="index.html#__Methods">Up</a>
+ <pre class="delete"><code class="huge"><span class="http-method">delete</span> /buckets/{bucketId}/flows/{flowId}</code></pre></div>
+ <div class="method-summary">Delete bucket flow (<span class="nickname">deleteFlow</span>)</div>
+ <div class="method-notes">Deletes a flow, including all saved versions of that flow.</div>
+
+ <h3 class="field-label">Path parameters</h3>
+ <div class="field-items">
+ <div class="param">bucketId (required)</div>
+
+ <div class="param-desc"><span class="param-type">Path Parameter</span> — The bucket identifier </div> <div class="param">flowId (required)</div>
+
+ <div class="param-desc"><span class="param-type">Path Parameter</span> — The flow identifier </div> </div> <!-- field-items -->
+
+
+
+
+ <h3 class="field-label">Query parameters</h3>
+ <div class="field-items">
+ <div class="param">version (required)</div>
+
+ <div class="param-desc"><span class="param-type">Query Parameter</span> — The version is used to verify the client is working with the latest version of the entity. </div> <div class="param">clientId (optional)</div>
+
+ <div class="param-desc"><span class="param-type">Query Parameter</span> — If the client id is not specified, new one will be generated. This value (whether specified or generated) is included in the response. </div> </div> <!-- field-items -->
+
+
+ <h3 class="field-label">Return type</h3>
+ <div class="return-type">
+ <a href="index.html#VersionedFlow">VersionedFlow</a>
+
+ </div>
+
+ <!--Todo: process Response Object and its headers, schema, examples -->
+
+ <h3 class="field-label">Example data</h3>
+ <div class="example-data-content-type">Content-Type: application/json</div>
+ <pre class="example"><code>{
+ "versionCount" : 0,
+ "identifier" : "identifier",
+ "bucketName" : "bucketName",
+ "permissions" : {
+ "canRead" : true,
+ "canWrite" : true,
+ "canDelete" : true
+ },
+ "createdTimestamp" : 1,
+ "link" : {
+ "href" : "http://example.com/aeiou",
+ "params" : {
+ "key" : "params"
+ }
+ },
+ "name" : "name",
+ "description" : "description",
+ "modifiedTimestamp" : 1,
+ "bucketIdentifier" : "bucketIdentifier",
+ "type" : "Flow",
+ "revision" : {
+ "clientId" : "clientId",
+ "lastModifier" : "lastModifier",
+ "version" : 6
+ }
+}</code></pre>
+
+ <h3 class="field-label">Produces</h3>
+ This API call produces the following media types according to the <span class="header">Accept</span> request header;
+ the media type will be conveyed by the <span class="header">Content-Type</span> response header.
+ <ul>
+ <li><code>application/json</code></li>
+ </ul>
+
+ <h3 class="field-label">Responses</h3>
+ <h4 class="field-label">200</h4>
+ successful operation
+ <a href="index.html#VersionedFlow">VersionedFlow</a>
+ <h4 class="field-label">401</h4>
+ Client could not be authenticated.
+ <a href="index.html#"></a>
+ <h4 class="field-label">403</h4>
+ Client is not authorized to make this request.
+ <a href="index.html#"></a>
+ <h4 class="field-label">404</h4>
+ The specified resource could not be found.
+ <a href="index.html#"></a>
+ <h4 class="field-label">409</h4>
+ NiFi Registry was unable to complete the request because it assumes a server state that is not valid.
+ <a href="index.html#"></a>
+ </div> <!-- method -->
+ <hr/>
+ <div class="method"><a name="exportVersionedFlow"></a>
+ <div class="method-path">
+ <a class="up" href="index.html#__Methods">Up</a>
+ <pre class="get"><code class="huge"><span class="http-method">get</span> /buckets/{bucketId}/flows/{flowId}/versions/{versionNumber}/export</code></pre></div>
+ <div class="method-summary">Exports specified bucket flow version content (<span class="nickname">exportVersionedFlow</span>)</div>
+ <div class="method-notes">Exports the specified version of a flow, including the metadata and content of the flow.</div>
+
+ <h3 class="field-label">Path parameters</h3>
+ <div class="field-items">
+ <div class="param">bucketId (required)</div>
+
+ <div class="param-desc"><span class="param-type">Path Parameter</span> — The bucket identifier </div> <div class="param">flowId (required)</div>
+
+ <div class="param-desc"><span class="param-type">Path Parameter</span> — The flow identifier </div> <div class="param">versionNumber (required)</div>
+
+ <div class="param-desc"><span class="param-type">Path Parameter</span> — The version number format: int32</div> </div> <!-- field-items -->
+
+
+
+
+
+
+ <h3 class="field-label">Return type</h3>
+ <div class="return-type">
+ <a href="index.html#VersionedFlowSnapshot">VersionedFlowSnapshot</a>
+
+ </div>
+
+ <!--Todo: process Response Object and its headers, schema, examples -->
+
+ <h3 class="field-label">Example data</h3>
+ <div class="example-data-content-type">Content-Type: application/json</div>
+ <pre class="example"><code>{
+ "bucket" : {
+ "identifier" : "identifier",
+ "allowBundleRedeploy" : true,
+ "permissions" : {
+ "canRead" : true,
+ "canWrite" : true,
+ "canDelete" : true
+ },
+ "createdTimestamp" : 1,
+ "link" : {
+ "href" : "http://example.com/aeiou",
+ "params" : {
+ "key" : "params"
+ }
+ },
+ "name" : "name",
+ "description" : "description",
+ "allowPublicRead" : true,
+ "revision" : {
+ "clientId" : "clientId",
+ "lastModifier" : "lastModifier",
+ "version" : 6
+ }
+ },
+ "snapshotMetadata" : {
+ "flowIdentifier" : "flowIdentifier",
+ "comments" : "comments",
+ "author" : "author",
+ "link" : {
+ "href" : "http://example.com/aeiou",
+ "params" : {
+ "key" : "params"
+ }
+ },
+ "bucketIdentifier" : "bucketIdentifier",
+ "version" : 0,
+ "timestamp" : 1
+ },
+ "externalControllerServices" : {
+ "key" : {
+ "identifier" : "identifier",
+ "name" : "name"
+ }
+ },
+ "flowContents" : {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "variables" : {
+ "key" : "variables"
+ },
+ "defaultBackPressureObjectThreshold" : 7,
+ "comments" : "comments",
+ "processors" : [ {
+ "autoTerminatedRelationships" : [ "autoTerminatedRelationships", "autoTerminatedRelationships" ],
+ "bulletinLevel" : "bulletinLevel",
+ "executionNode" : "executionNode",
+ "runDurationMillis" : 2,
+ "type" : "type",
+ "propertyDescriptors" : {
+ "key" : {
+ "resourceDefinition" : {
+ "resourceTypes" : [ "FILE", "FILE" ],
+ "cardinality" : "SINGLE"
+ },
+ "displayName" : "displayName",
+ "identifiesControllerService" : true,
+ "name" : "name",
+ "sensitive" : true
+ }
+ },
+ "scheduledState" : "ENABLED",
+ "maxBackoffPeriod" : "maxBackoffPeriod",
+ "yieldDuration" : "yieldDuration",
+ "bundle" : {
+ "artifact" : "artifact",
+ "version" : "version",
+ "group" : "group"
+ },
+ "retriedRelationships" : [ "retriedRelationships", "retriedRelationships" ],
+ "annotationData" : "annotationData",
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "comments" : "comments",
+ "concurrentlySchedulableTaskCount" : 7,
+ "retryCount" : 9,
+ "penaltyDuration" : "penaltyDuration",
+ "backoffMechanism" : "PENALIZE_FLOWFILE",
+ "schedulingStrategy" : "schedulingStrategy",
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "style" : {
+ "key" : "style"
+ },
+ "schedulingPeriod" : "schedulingPeriod",
+ "groupIdentifier" : "groupIdentifier",
+ "properties" : {
+ "key" : "properties"
+ }
+ }, {
+ "autoTerminatedRelationships" : [ "autoTerminatedRelationships", "autoTerminatedRelationships" ],
+ "bulletinLevel" : "bulletinLevel",
+ "executionNode" : "executionNode",
+ "runDurationMillis" : 2,
+ "type" : "type",
+ "propertyDescriptors" : {
+ "key" : {
+ "resourceDefinition" : {
+ "resourceTypes" : [ "FILE", "FILE" ],
+ "cardinality" : "SINGLE"
+ },
+ "displayName" : "displayName",
+ "identifiesControllerService" : true,
+ "name" : "name",
+ "sensitive" : true
+ }
+ },
+ "scheduledState" : "ENABLED",
+ "maxBackoffPeriod" : "maxBackoffPeriod",
+ "yieldDuration" : "yieldDuration",
+ "bundle" : {
+ "artifact" : "artifact",
+ "version" : "version",
+ "group" : "group"
+ },
+ "retriedRelationships" : [ "retriedRelationships", "retriedRelationships" ],
+ "annotationData" : "annotationData",
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "comments" : "comments",
+ "concurrentlySchedulableTaskCount" : 7,
+ "retryCount" : 9,
+ "penaltyDuration" : "penaltyDuration",
+ "backoffMechanism" : "PENALIZE_FLOWFILE",
+ "schedulingStrategy" : "schedulingStrategy",
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "style" : {
+ "key" : "style"
+ },
+ "schedulingPeriod" : "schedulingPeriod",
+ "groupIdentifier" : "groupIdentifier",
+ "properties" : {
+ "key" : "properties"
+ }
+ } ],
+ "labels" : [ {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "comments" : "comments",
+ "name" : "name",
+ "width" : 1.0246457001441578,
+ "instanceIdentifier" : "instanceIdentifier",
+ "style" : {
+ "key" : "style"
+ },
+ "label" : "label",
+ "groupIdentifier" : "groupIdentifier",
+ "zIndex" : 1,
+ "height" : 1.4894159098541704
+ }, {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "comments" : "comments",
+ "name" : "name",
+ "width" : 1.0246457001441578,
+ "instanceIdentifier" : "instanceIdentifier",
+ "style" : {
+ "key" : "style"
+ },
+ "label" : "label",
+ "groupIdentifier" : "groupIdentifier",
+ "zIndex" : 1,
+ "height" : 1.4894159098541704
+ } ],
+ "defaultBackPressureDataSizeThreshold" : "defaultBackPressureDataSizeThreshold",
+ "controllerServices" : [ {
+ "annotationData" : "annotationData",
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "comments" : "comments",
+ "type" : "type",
+ "propertyDescriptors" : { },
+ "scheduledState" : "ENABLED",
+ "controllerServiceApis" : [ {
+ "type" : "type"
+ }, {
+ "type" : "type"
+ } ],
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "groupIdentifier" : "groupIdentifier",
+ "properties" : {
+ "key" : "properties"
+ }
+ }, {
+ "annotationData" : "annotationData",
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "comments" : "comments",
+ "type" : "type",
+ "propertyDescriptors" : { },
+ "scheduledState" : "ENABLED",
+ "controllerServiceApis" : [ {
+ "type" : "type"
+ }, {
+ "type" : "type"
+ } ],
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "groupIdentifier" : "groupIdentifier",
+ "properties" : {
+ "key" : "properties"
+ }
+ } ],
+ "defaultFlowFileExpiration" : "defaultFlowFileExpiration",
+ "flowFileConcurrency" : "flowFileConcurrency",
+ "processGroups" : [ null, null ],
+ "flowFileOutboundPolicy" : "flowFileOutboundPolicy",
+ "outputPorts" : [ null, null ],
+ "name" : "name",
+ "inputPorts" : [ {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "comments" : "comments",
+ "allowRemoteAccess" : true,
+ "concurrentlySchedulableTaskCount" : 3,
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "type" : "INPUT_PORT",
+ "groupIdentifier" : "groupIdentifier",
+ "scheduledState" : "ENABLED"
+ }, {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "comments" : "comments",
+ "allowRemoteAccess" : true,
+ "concurrentlySchedulableTaskCount" : 3,
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "type" : "INPUT_PORT",
+ "groupIdentifier" : "groupIdentifier",
+ "scheduledState" : "ENABLED"
+ } ],
+ "funnels" : [ {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "comments" : "comments",
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "groupIdentifier" : "groupIdentifier"
+ }, {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "comments" : "comments",
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "groupIdentifier" : "groupIdentifier"
+ } ],
+ "instanceIdentifier" : "instanceIdentifier",
+ "position" : {
+ "x" : 0.8008281904610115,
+ "y" : 6.027456183070403
+ },
+ "versionedFlowCoordinates" : {
+ "registryUrl" : "registryUrl",
+ "bucketId" : "bucketId",
+ "flowId" : "flowId",
+ "version" : 6,
+ "latest" : true
+ },
+ "remoteProcessGroups" : [ {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "comments" : "comments",
+ "communicationsTimeout" : "communicationsTimeout",
+ "proxyHost" : "proxyHost",
+ "proxyPort" : 1,
+ "transportProtocol" : "RAW",
+ "outputPorts" : [ null, null ],
+ "name" : "name",
+ "targetUri" : "targetUri",
+ "proxyUser" : "proxyUser",
+ "targetUris" : "targetUris",
+ "inputPorts" : [ {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "remoteGroupId" : "remoteGroupId",
+ "comments" : "comments",
+ "targetId" : "targetId",
+ "concurrentlySchedulableTaskCount" : 5,
+ "useCompression" : true,
+ "scheduledState" : "ENABLED",
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "batchSize" : {
+ "duration" : "duration",
+ "size" : "size",
+ "count" : 5
+ },
+ "groupIdentifier" : "groupIdentifier"
+ }, {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "remoteGroupId" : "remoteGroupId",
+ "comments" : "comments",
+ "targetId" : "targetId",
+ "concurrentlySchedulableTaskCount" : 5,
+ "useCompression" : true,
+ "scheduledState" : "ENABLED",
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "batchSize" : {
+ "duration" : "duration",
+ "size" : "size",
+ "count" : 5
+ },
+ "groupIdentifier" : "groupIdentifier"
+ } ],
+ "instanceIdentifier" : "instanceIdentifier",
+ "yieldDuration" : "yieldDuration",
+ "groupIdentifier" : "groupIdentifier",
+ "localNetworkInterface" : "localNetworkInterface"
+ }, {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "comments" : "comments",
+ "communicationsTimeout" : "communicationsTimeout",
+ "proxyHost" : "proxyHost",
+ "proxyPort" : 1,
+ "transportProtocol" : "RAW",
+ "outputPorts" : [ null, null ],
+ "name" : "name",
+ "targetUri" : "targetUri",
+ "proxyUser" : "proxyUser",
+ "targetUris" : "targetUris",
+ "inputPorts" : [ {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "remoteGroupId" : "remoteGroupId",
+ "comments" : "comments",
+ "targetId" : "targetId",
+ "concurrentlySchedulableTaskCount" : 5,
+ "useCompression" : true,
+ "scheduledState" : "ENABLED",
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "batchSize" : {
+ "duration" : "duration",
+ "size" : "size",
+ "count" : 5
+ },
+ "groupIdentifier" : "groupIdentifier"
+ }, {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "remoteGroupId" : "remoteGroupId",
+ "comments" : "comments",
+ "targetId" : "targetId",
+ "concurrentlySchedulableTaskCount" : 5,
+ "useCompression" : true,
+ "scheduledState" : "ENABLED",
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "batchSize" : {
+ "duration" : "duration",
+ "size" : "size",
+ "count" : 5
+ },
+ "groupIdentifier" : "groupIdentifier"
+ } ],
+ "instanceIdentifier" : "instanceIdentifier",
+ "yieldDuration" : "yieldDuration",
+ "groupIdentifier" : "groupIdentifier",
+ "localNetworkInterface" : "localNetworkInterface"
+ } ],
+ "groupIdentifier" : "groupIdentifier",
+ "connections" : [ {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "prioritizers" : [ "prioritizers", "prioritizers" ],
+ "comments" : "comments",
+ "flowFileExpiration" : "flowFileExpiration",
+ "selectedRelationships" : [ "selectedRelationships", "selectedRelationships" ],
+ "loadBalanceCompression" : "DO_NOT_COMPRESS",
+ "backPressureDataSizeThreshold" : "backPressureDataSizeThreshold",
+ "loadBalanceStrategy" : "DO_NOT_LOAD_BALANCE",
+ "source" : {
+ "comments" : "comments",
+ "groupId" : "groupId",
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "id" : "id",
+ "type" : "PROCESSOR"
+ },
+ "labelIndex" : 2,
+ "bends" : [ null, null ],
+ "backPressureObjectThreshold" : 7,
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "groupIdentifier" : "groupIdentifier",
+ "partitioningAttribute" : "partitioningAttribute",
+ "zIndex" : 4
+ }, {
+ "identifier" : "identifier",
+ "componentType" : "CONNECTION",
+ "prioritizers" : [ "prioritizers", "prioritizers" ],
+ "comments" : "comments",
+ "flowFileExpiration" : "flowFileExpiration",
+ "selectedRelationships" : [ "selectedRelationships", "selectedRelationships" ],
+ "loadBalanceCompression" : "DO_NOT_COMPRESS",
+ "backPressureDataSizeThreshold" : "backPressureDataSizeThreshold",
+ "loadBalanceStrategy" : "DO_NOT_LOAD_BALANCE",
+ "source" : {
+ "comments" : "comments",
+ "groupId" : "groupId",
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "id" : "id",
+ "type" : "PROCESSOR"
+ },
+ "labelIndex" : 2,
+ "bends" : [ null, null ],
+ "backPressureObjectThreshold" : 7,
+ "name" : "name",
+ "instanceIdentifier" : "instanceIdentifier",
+ "groupIdentifier" : "groupIdentifier",
+ "partitioningAttribute" : "partitioningAttribute",
+ "zIndex" : 4
+ } ],
+ "parameterContextName" : "parameterContextName"
+ },
+ "flowEncodingVersion" : "flowEncodingVersion",
+ "flow" : {
+ "versionCount" : 0,
+ "identifier" : "identifier",
+ "bucketName" : "bucketName",
+ "permissions" : {
+ "canRead" : true,
+ "canWrite" : true,
+ "canDelete" : true
+ },
+ "createdTimestamp" : 1,
+ "link" : {
+ "href" : "http://example.com/aeiou",
+ "params" : {
+ "key" : "params"
+ }
+ },
+ "name" : "name",
+ "description" : "description",
+ "modifiedTimestamp" : 1,
+ "bucketIdentifier" : "bucketIdentifier",
+ "type" : "Flow",
+ "revision" : {
+ "clientId" : "clientId",
+ "lastModifier" : "lastModifier",
+ "version" : 6
+ }
+ },
+ "parameterContexts" : {
+ "key" : {
+ "identifier" : "identifier",
+ "inheritedParameterContexts" : [ "inheritedParameterContexts", "inheritedParameterContexts" ],
+ "componentType" : "CONNECTION",
+ "comments" : "comments",
+ "name" : "name",
+ "description" : "description",
+ "instanceIdentifier" : "instanceIdentifier",
+ "groupIdentifier" : "groupIdentifier",
+ "parameters" : [ {
+ "name" : "name",
+ "description" : "description",
+ "sensitive" : true,
+ "value" : "value"
+ }, {
+ "name" : "name",
+ "description" : "description",
+ "sensitive" : true,
+ "value" : "value"
+ } ]
+ }
+ },
+ "latest" : true
+}</code></pre>
+
+ <h3 class="field-label">Produces</h3>
+ This API call produces the following media types according to the <span class="header">Accept</span> request header;
+ the media type will be conveyed by the <span class="header">Content-Type</span> response header.
+ <ul>
+ <li><code>application/json</code></li>
+ </ul>
+
+ <h3 class="field-label">Responses</h3>
+ <h4 class="field-label">200</h4>
+ successful operation
+ <a href="index.html#VersionedFlowSnapshot">VersionedFlowSnapshot</a>
+ <h4 class="field-label">401</h4>
+ Client could not be authenticated.
+ <a href="index.html#"></a>
+ <h4 class="field-label">403</h4>
+ Client is not authorized to make this request.
+ <a href="index.html#"></a>
+ <h4 class="field-label">404</h4>
+ The specified resource could not be found.
+ <a href="index.html#"></a>
+ <h4 class="field-label">409</h4>
+ NiFi Registry was unable to complete the request because it assumes a server state that is not valid.
+ <a href="index.html#"></a>
+ </div> <!-- method -->
+ <hr/>
+ <div class="method"><a name="getFlow"></a>
+ <div class="method-path">
+ <a class="up" href="index.html#__Methods">Up</a>
+ <pre class="get"><code class="huge"><span class="http-method">get</span> /buckets/{bucketId}/flows/{flowId}</code></pre></div>
+ <div class="method-summary">Get bucket flow (<span class="nickname">getFlow</span>)</div>
+ <div class="method-notes">Retrieves the flow with the given id in the given bucket.</div>
+
+ <h3 class="field-label">Path parameters</h3>
+ <div class="field-items">
+ <div class="param">bucketId (required)</div>
+
+ <div class="param-desc"><span class="param-type">Path Parameter</span> — The bucket identifier </div> <div class="param">flowId (required)</div>
+
+ <div class="param-desc"><span class="param-type">Path Parameter</span> — The flow identifier </div> </div> <!-- field-items -->
+
+
+
+
+
+
+ <h3 class="field-label">Return type</h3>
+ <div class="return-type">
+ <a href="index.html#VersionedFlow">VersionedFlow</a>
+
+ </div>
+
+ <!--Todo: process Response Object and its headers, schema, examples -->
+
+ <h3 class="field-label">Example data</h3>
+ <div class="example-data-content-type">Content-Type: application/json</div>
+ <pre class="example"><code>{
+ "versionCount" : 0,
+ "identifier" : "identifier",
+ "bucketName" : "bucketName",
+ "permissions" : {
+ "canRead" : true,
+ "canWrite" : true,
+ "canDelete" : true
+ },
+ "createdTimestamp" : 1,
+ "link" : {
+ "href" : "http://example.com/aeiou",
+ "params" : {
+ "key" : "params"
+ }
+ },
+ "name" : "name",
+ "description" : "description",
+ "modifiedTimestamp" : 1,
+ "bucketIdentifier" : "bucketIdentifier",
+ "type" : "Flow",
+ "revision" : {
+ "clientId" : "clientId",
+ "lastModifier" : "lastModifier",
+ "version" : 6
+ }
+}</code></pre>
+
+ <h3 class="field-label">Produces</h3>
+ This API call produces the following media types according to the <span class="header">Accept</span> request header;
+ the media type will be conveyed by the <span class="header">Content-Type</span> response header.
+ <ul>
+ <li><code>application/json</code></li>
+ </ul>
+
+ <h3 class="field-label">Responses</h3>
+ <h4 class="field-label">200</h4>
+ successful operation
+ <a href="index.html#VersionedFlow">VersionedFlow</a>
+ <h4 class="field-label">400</h4>
+ NiFi Registry was unable to complete the request because it was invalid. The request should not be retried without modification.
+ <a href="index.html#"></a>
+ <h4 class="field-label">401</h4>
+ Client could not be authenticated.
+ <a href="index.html#"></a>
+ <h4 class="field-label">403</h4>
+ Client is not authorized to make this request.
+ <a href="index.html#"></a>
+ <h4 class="field-label">404</h4>
+ The specified resource could not be found.
+ <a href="index.html#"></a>
+ <h4 class="field-label">409</h4>
+ NiFi Registry was unable to complete the request because it assumes a server state that is not valid.
+ <a href="index.html#"></a>
+ </div> <!-- method -->
+ <hr/>
+ <div class="method"><a name="getFlowDiff"></a>
+ <div class="method-path">
+ <a class="up" href="index.html#__Methods">Up</a>
+ <pre class="get"><code class="huge"><span class="http-method">get</span> /buckets/{bucketId}/flows/{flowId}/diff/{versionA}/{versionB}</code></pre></div>
+ <div class="method-summary">Get bucket flow diff (<span class="nickname">getFlowDiff</span>)</div>
+ <div class="method-notes">Computes the differences between two given versions of a flow.</div>
+
+ <h3 class="field-label">Path parameters</h3>
+ <div class="field-items">
+ <div class="param">bucketId (required)</div>
+
+ <div class="param-desc"><span class="param-type">Path Parameter</span> — The bucket identifier </div> <div class="param">flowId (required)</div>
+
+ <div class="param-desc"><span class="param-type">Path Parameter</span> — The flow identifier </div> <div class="param">versionA (required)</div>
+
+ <div class="param-desc"><span class="param-type">Path Parameter</span> — The first version number format: int32</div> <div class="param">versionB (required)</div>
+
+ <div class="param-desc"><span class="param-type">Path Parameter</span> — The second version number format: int32</div> </div> <!-- field-items -->
+
+
+
+
+
+
+ <h3 class="field-label">Return type</h3>
+ <div class="return-type">
+ <a href="index.html#VersionedFlowDifference">VersionedFlowDifference</a>
+
+ </div>
+
+ <!--Todo: process Response Object and its headers, schema, examples -->
+
+ <h3 class="field-label">Example data</h3>
+ <div class="example-data-content-type">Content-Type: application/json</div>
+ <pre class="example"><code>{
+ "versionB" : 6,
+ "versionA" : 0,
+ "bucketId" : "bucketId",
+ "flowId" : "flowId",
+ "componentDifferenceGroups" : [ {
+ "componentType" : "componentType",
+ "componentId" : "componentId",
+ "processGroupId" : "processGroupId",
+ "differences" : [ {
+ "differenceType" : "differenceType",
+ "differenceTypeDescription" : "differenceTypeDescription",
+ "changeDescription" : "changeDescription",
+ "valueB" : "valueB",
+ "valueA" : "valueA"
+ }, {
+ "differenceType" : "differenceType",
+ "differenceTypeDescription" : "differenceTypeDescription",
+ "changeDescription" : "changeDescription",
+ "valueB" : "valueB",
+ "valueA" : "valueA"
+ } ],
+ "componentName" : "componentName"
+ }, {
+ "componentType" : "componentType",
+ "componentId" : "componentId",
+ "processGroupId" : "processGroupId",
+ "differences" : [ {
+ "differenceType" : "differenceType",
+ "differenceTypeDescription" : "differenceTypeDescription",
+ "changeDescription" : "changeDescription",
+ "valueB" : "valueB",
+ "valueA" : "valueA"
+ }, {
+ "differenceType" : "differenceType",
+ "differenceTypeDescription" : "differenceTypeDescription",
+ "changeDescription" : "changeDescription",
+ "valueB" : "valueB",
+ "valueA" : "valueA"
+ } ],
+ "componentName" : "componentName"
+ } ]
+}</code></pre>
+
+ <h3 class="field-label">Produces</h3>
+ This API call produces the following media types according to the <span class="header">Accept</span> request header;
+ the media type will be conveyed by the <span class="header">Content-Type</span> response header.
+ <ul>
+ <li><code>application/json</code></li>
+ </ul>
+
... 17322 lines suppressed ...