Discussion on: Setup a secure Apache NiFi cluster in Kubernetes

[Anmol bansal]

Hi Jannik Rebmann,

I am trying this configuration but i am facing some issue .
Using oidc nifi and nifi-registry redirect-uri is coming as below:

Nifi : https://:443/nifi-api/access/oidc/callback
Nifi-registry: http://:80/nifi-registry-api/access/oidc/callback

is there something i am missing. why nifi-registry oidc redirect uri is coming on http. but in logs it is running on https(18443).

Please help me out here.

[kamniphat01]

Hi @anmoln4

I had face this issue before you need add header x-proxyscheme: https and x-proxyport:443 in request-transformer for nifi to redirect https header instead of http

Name:         request-transformer
Namespace:    nifi-test
Labels:       <none>
Annotations:  kubernetes.io/ingress.class: xxxxx
API Version:  configuration.konghq.com/v1
Config:
  Add:
    Headers:
      X-ProxyScheme:https
      X-ProxyPort:443

Hope its help you.

[Jannik Rebmann]

Hi @anmoln4

I think I need more information about your OIDC configuration.

The Callback URL must be set with your OIDC provider. This is the URL that sends back the OIDC authentication response to your NIFI service.

So maybe you have set http://:80/nifi-registry-api/access/oidc/callback as Callback URL on your OIDC server?