Here is my 2nd curl command: curl ' -H 'Content-Type: */* Authorization: Bearer 0Ea_fok6qV5ghnf65FPbO9Reh_MQxVG2Q1krl4%' -compressed -insecure -tlsv1. Are you running the curl commands on the same system with the NiFi instance you are running the curl command against Try running the curl commands from a remote system that can reach the NiFi instance. I generated the schema using (draft 7) and saved the generated schema in the file and matched the generated schema against. Bad Content-Type header value: 'text/html Authorization: Bearer 9lidDYqzkdyTUumh20CrPdFnXHiZRzYk%'Powered by Jetty:// 9.3.9.v20160517 I am using rest assured and validating JSON schema using it.
Download Clients and Apps to use the PowerFolder Cloud.
You’re seeing an invalid token error because the token you’re using is from the session prior to user login. Once authentication occurs, a new session is created and thus a new CSRF token is required. Problem accessing /nifi-api/flow/history. Download PowerFolder Sync,Share and Backup Clients, Apps and Servers. The CSRF token is being reused for requests subsequent to authentication A CSRF token is only valid for the initial session.
I checked the 2 posts about this error in HCC and per the suggestions there, 1) I made sure we have LDAP authentication enabled 2) I made sure I'm using the same server and port in both curl commands 3) I checked several API end points to rule out that my login does not have permissions to the specific API end point I tried the following API end points and all of them return the same "Unable to validate the access token" error - flow/status, flow/history, flow/about, flow/search-results, processors/ĭo you guys see what's wrong with these API calls ?įollowing your suggestion, I added the Content-type and -tslv1.2 option, and now I'm getting a different error - Bad Content-Type Įrror 400 Bad Content-Type header value: 'text/html Authorization: Bearer 9lidDYqzkdyTUumh20CrPdFnXHiZRzYk%' curl ' -H 'Authorization: Bearer 0Ea_fok6qV5ghnf65FPbO9Reh_MQxVG2Q1krl4%' -compressed -insecure Below is one where I'm calling the System Diagnostics end point and returns the error. In the 2nd API call where I use the token from the above call, I'm getting the "Unable to validate the access token" for just about all end-points I checked. curl ' -H 'Content-Type: application/x-www-form-urlencoded charset=UTF-8' -data 'username=&password=' -compressed -insecure In certain situations it might be necessary to connect to an external service via SSL, e.g. (I checked a few).įollowing other posts in HCC, I'm first using the below call to get the access token, which is successful, it returns a token. I am unable to use csurf in this basic test application, no matter what I do I always get 'ForbiddenError: invalid csrf token' after sending a form.
What Problem Will Happen ¶ġ.The user client DOES NOT accept cookie.Ģ.The user client CAN NOT send a request with cookie.įor example: upload file use flash (swfupload) How To Solve ¶Ī good solution is to use session instead of cookie.ġ.I'm getting the "Unable to validate the access token" when calling NiFi API, for all API end points that I checked. When using AJAX calls to rails methods, send CSRF token to validate the request - ajax-csrf-rails.js. The I run the rest query using a post operation. When you submit the form, Yii will compare two CSRF tokens from post and cookie. I have the script logon to the server first and save the session. Note: When you ebable CSRF validation and use form builder to generate a form(only post), Yii will auto generate a hidden field and put it in the form, at the same time, Yii will create a cookie with CSRF token. First of all, You must change component config to enable the default Yii CSRF validation.