[ https://issues.apache.org/jira/browse/NIFI-11014?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17676438#comment-17676438 ]
Irudya Raj commented on NIFI-11014: ----------------------------------- [~exceptionfactory] I can now use x.509 authentication to access APIs where my NiFi server is secured with Keycloak. Thanks for your advice! > JWT token is rejected by NiFi when calling APIs > ----------------------------------------------- > > Key: NIFI-11014 > URL: https://issues.apache.org/jira/browse/NIFI-11014 > Project: Apache NiFi > Issue Type: Bug > Components: NiFi Stateless > Affects Versions: 1.15.3 > Environment: NiFi with Keycloak as OIDC provider. > Reporter: Irudya Raj > Priority: Major > Attachments: authorizations.xml, authorizers.png, fap.png, > nifi-log.png, users.png > > > I have created oauth token using spring boot and transferred this token to > authorization header bearer. NiFi is configured with PS512 JWS algorithm via > nifi.security.user.oidc.preferred.jwsalgorithm property. But the API request > fails with message "nifi unable to validate the id token: signed jwt > rejected: another algorithm expected, or no matching key(s) found" > I am able to use NiFi web. Keycloak is configure to use PS512 algo for ID > token and access tokens. -- This message was sent by Atlassian Jira (v8.20.10#820010)