This node provides authentication to access Microsoft Azure and Office 365 cloud services. It supports the standard authentication of Azure AD/Office 365 (based on OAuth 2), as well as authentication mechanisms specific to Azure Storage.
Options
- Authentication type
- Authentication type to use. The following types are supported:
- Interactive (OAuth 2): Interactive user login in your web browser, when you click on Login. In the browser window that pops up, you may be asked to consent to the scopes of access. The acquired access token typically will only be valid for a short amount of time, then you need to login again. Technically, this uses the OAuth 2.0 authorization code flow.
- Username/Password (OAuth 2: Non-interactive user login. This is well-suited for workflows on KNIME Hub, however you cannot to consent to the scopes of access, hence consent must be given beforehand, e.g. during a previous interactive login, or by an Azure AD directory admin. Second, accounts that require multi-factor authentication (MFA) will not work. Technically, this uses the OAuth 2.0 Resource Owner Password Credentials flow.
- Client/Application secret (OAuth 2): Non-interactive login as the service principal of the configured client/app. This is well-suited for workflows on KNIME Hub. Technically, this uses the OAuth 2.0 client credentials flow. MicrosoftAzure cloud services are accessed on behalf of the application's service principal, not on behalf of a user (see here).
- Azure storage shared key: Authenticates using an Azure storage account and its secret key. Can only be used to access Azure Blob Storage and Azure Data Lake Storage Gen2.
- Azure Storage shared access signature (SAS): Authenticates using a shared access signature (SAS). Can only be used to access Azure Blob Storage and Azure Data Lake Storage Gen2. For more details on shared access signatures see here.
- Azure tenant ID (or domain)
- The directory tenant the application plans to operate against, in ID or domain-name format, for example cf47ff49-7da6-4603-b339-f4475176432b, or mycompany.onmicrosoft.com.
- Username and password
- The username and password to use.
- Client/App ID and secret
- The client/app ID and secret to use.
- Storage account name and shared/access key
- The storage account name and shared key (also called access key) to use.
- Service SAS URL
- The Azure Service SAS URL. Note that only Service SAS is supported. The SAS URL must delegate access to the Blob storage service, or an object within.
- How to select scopes
- Scopes are permissions that need to be requested during login. They specify what the resulting access token can be used for. This setting defines whether to select scopes from a list of predefined standard scopes or to enter custom scopes manually.
- Standard scopes (delegated permissions)
- Choose scopes from a predefined list of standard scopes. These scopes are delegated permissions and define what the resulting access token can be used for.
- Standard scopes (application permissions)
- Choose scopes from a predefined list of standard scopes. These scopes are application permissions and define what the resulting access token can be used for.
- Custom scopes
- Enter a list of custom scopes to request during login. These scopes are permissions and define what the resulting access token can be used for.
- Azure Storage account
- If the Azure Blob Storage/Azure Data Lake Storage Gen2 scope is chosen, then this field specifies the specific Azure storage account to request access to.
- Which authorization endpoint to use
- Whether to use the Microsoft default authorization endpoint, or a custom one.
- Endpoint URL
- Custom authorization endpoint URL to use.
- Which client/app to use
- Whether to use the KNIME default app, or enter a custom one. The KNIME default app is called "KNIME Analytics Platform" and its ID is cf47ff49-7da6-4603-b339-f4475176432b.
- Custom client/app ID
- The custom client/app ID to use.
- Redirect URL (should be http://localhost:XXXXX)
- Redirect URL to use during interactive login. Technical note: Only URLs such as http://localhost:37489 are allowed (localhost, no https, random non-privileged port number). Any URL entered here must be part of the configuration of your custom app.
- HTTP User-Agent
- Whether to use the default HTTP User-Agent or a custom one, when fetching the OAuth2 access token. The default User-Agent is OS-specific, for example "KNIME (Windows 11)". A custom User-Agent only needs to be set in rare cases, for example if the default User-Agent is rejected by a conditional access rule in Azure Entra ID.
- Custom HTTP User-Agent
- Sets a custom HTTP User-Agent when fetching the OAuth2 access token. This only needs to be set in rare cases, where the default KNIME User-Agent is rejected.
- Login
- Clicking on login opens a new browser window/tab which allows to interactively log into the service.
Views
- This node has no views
Workflows
20240221 - Aba Gasto Sharepoint OficialKNIME Hub- Aba Gasto Sharepoint OficialKNIME Hub
- Aba Gasto Sharepoint OficialKNIME Hub
- Aba Gasto Teste 2024KNIME Hub
- ConsolidadoKNIME Hub
- Show all 21 workflows
Links
- No links available
Developers
You want to see the source code for this node? Click the following button and we’ll use our super-powers to find it for you.
To use this node in KNIME, install the extension KNIME Office 365 Connectors from the below update site following our NodePit Product and Node Installation Guide:
v5.2
A zipped version of the software site can be downloaded here.
Plugin provider: KNIME AG, Zurich, Switzerland
Plugin version: 5.2.2.v202403071028
On NodePit since: 2023-12-06
Last update: 2024-04-26
KNIME versions: Since v5.2
Deploy, schedule, execute, and monitor your KNIME workflows locally, in the cloud or on-premises – with our brand new NodePit Runner.
Try NodePit Runner!Contact
Do you have feedback, questions, comments about NodePit, want to support this platform, or want your own nodes or workflows listed here as well? Do you think, the search results could be improved or something is missing? Then please get in touch! Alternatively, you can send us an email to mail@nodepit.com, follow @NodePit on Twitter or botsin.space/@nodepit on Mastodon.
Please note that this is only about NodePit. We do not provide general support for KNIME — please use the KNIME forums instead.