io.streamnative.pulsar.handlers.kop.security.oauth.OauthLoginCallbackHandler
callback handler.OIDC Federation is not fully supported for Kafka clients yet. The support is under development.pom.xml
file:
Kafka Service URL (TCP)
: The URL of Kafka service.Kafka Schema Registry URL (HTTPS)
: The URL of Kafka schema registry service.sasl.jaas.config
) while the others are top-level configurations.
JAAS Configuration Option | Description |
---|---|
oauth.issuer.url | The URL of the authentication provider which allows the Kafka client to obtain an access token. Currently, StreamNative Cloud only support Auth0 as the identity provider. So the value here should be https://auth.streamnative.cloud . |
oauth.audience | The OAuth 2.0 resource server identifier for a Pulsar cluster. In StreamNative Cloud, a Pulsar cluster is identified by a Uniform Resource Name (URN), which is in the following format urn:sn:pulsar:${your_orgnization_id}:${instance_name} . |
oauth.credentials.url | The URL to the JSON credentials file. It supports the following pattern formats: file:///path/to/file data:application/json;base64,<base64-encoded value> |
urn:sn:pulsar:my_org:my_instance
as the instance for an example.
audience
is required.