Access Cloud Clusters using Pulsar Clients with OAuth 2.0

Use the following information to configure your Pulsar clients to use the OAuth2 authentication mechanism for connecting to StreamNative Cloud clusters.

Service URLs

In order to connect to a StreamNative Cloud cluster, you need to get its service URLs.

You can get a cluster’s service URLs by following the steps below:

Navigate to the Cluster Workspace page.
Navigate to the Details tab, and in the Access Points section, you can find all the available service URLs of this cluster. Click Copy at the end of the row of the service URL to copy the URL.

HTTP Service URL (TLS): The URL of Pulsar Admin HTTP service.
Broker Service URL (TLS): The URL of Pulsar broker service.

OAuth 2.0 Credentials

Before configuring your Pulsar clients to use OAuth 2.0 for connecting to StreamNative Cloud clusters, you need to prepare an OAuth 2.0 credential file for your clients by following the steps below.

StreamNative OAuth2

If you are using StreamNative’s built-in OAuth2 service, you can download the OAuth2 credential file for the service account that you want to use for your clients by following these steps:

Navigate to the Accounts & Accesses page.
On the left navigation pane, click Service Accounts.
In the row of the service account you want to use, click ....
In the dropdown menu, click Download OAuth2 Key to download the OAuth2 credential file to your local directory.

The downloaded credentials file contains the service account credentials used for client authentication. The following is an example of the credentials file for a service account sa of organization my_org. Both client_id and client_secret are required while the other fields are optional. Since the credentials file contains client_secret, please make sure the credentials file is stored in a safe place.

{
  "type":"sn_service_account",
  "client_id":"PZWBM2tMCVDFQ1lQInIaYgG4k1OSqwIO",
  "client_secret":"EZr...Kgv",
  "client_email":"sa@my_org.auth.streamnative.cloud",
  "issuer_url":"https://auth.streamnative.cloud"
}

Navigate to the Accounts & Accesses page.
On the left navigation pane, click Service Accounts.
In the row of the service account you want to use, click ....
In the dropdown menu, click Download OAuth2 Key to download the OAuth2 credential file to your local directory.

{
  "type":"sn_service_account",
  "client_id":"PZWBM2tMCVDFQ1lQInIaYgG4k1OSqwIO",
  "client_secret":"EZr...Kgv",
  "client_email":"sa@my_org.auth.streamnative.cloud",
  "issuer_url":"https://auth.streamnative.cloud"
}

OIDC Federation

If you are using an OIDC-compliant identity provider via OIDC Federation, you can prepare the credentials information to configure your Pulsar clients to use OAuth 2.0 for connecting to StreamNative Cloud clusters. Create a credentials file containing the client_id and client_secret of your service account:

{
  "client_id":"PZWBM2tMCVDFQ1lQInIaYgG4k1OSqwIO",
  "client_secret":"EZr...Kgv"
}

Configure Pulsar Applications

Once you have the credentials file, you can follow the steps below to configure your Pulsar applications to use OAuth2 authentication.

First of all, since Pulsar clients support different authentication plugins, you need to configure the Pulsar clients to use OAuth2 authentication plugin. For example, you can configure the Pulsar Java clients to use org.apache.pulsar.client.impl.auth.oauth2.AuthenticationOAuth2.

Secondly, you need to prepare the authentication parameters for OAuth2 authentication. The following table outlines the parameters required for configuring OAuth2 authentication.

Parameter	Description	Example	Required or not
`type`	OAuth 2.0 authentication type. Currently, Pulsar clients only support the `client_credentials` authentication type.	`client_credentials` (default)	Optional
`issuerUrl`	The URL of the authentication provider which allows the Pulsar client to obtain an access token. Currently, StreamNative Cloud only support Auth0 as the identity provider. So the value here should be `https://auth.streamnative.cloud`.	`https://auth.streamnative.cloud`	Required
`credentialsUrl`	The URL to the JSON credentials file. It supports the following pattern formats: `file:///path/to/file` `data:application/json;base64,<base64-encoded value>`	`file:///path/to/my_service_account_key.json`	Required
`audience`	The OAuth 2.0 resource server identifier for a Pulsar cluster. In StreamNative Cloud, a Pulsar cluster is identified by a Uniform Resource Name (URN), which is in the following format `urn:sn:pulsar:${your_orgnization_id}:${instance_name}`.	`urn:sn:pulsar:my_org:my_instance`	Required for `StreamNative OAuth2` but optional for OIDC Federation
`scope`	The scope of an access request. For more information, see access token scope	api://pulsar-cluster-1/.default	Optional

Configure Pulsar Clients

This section describes how to configure Pulsar clients to connect to a StreamNative Cloud cluster urn:sn:pulsar:my_org:my_instance using OAuth2. Please notes:

For StreamNative OAuth2, audience is required.
For OIDC Federation, based on your identity provider, you may need to specify the scope and/or audience parameters accordingly.

import org.apache.pulsar.client.impl.auth.oauth2.AuthenticationFactoryOAuth2;

URL issuerUrl = new URL("https://auth.streamnative.cloud");
URL credentialsUrl = new URL("file:///path/to/credentials.json");
String audience = "urn:sn:pulsar:my_org:my_instance";

PulsarClient client = PulsarClient.builder()
    .serviceUrl("<PULSAR_BROKER_URL>")
    .authentication(
        AuthenticationFactoryOAuth2.clientCredentials(issuerUrl, credentialsUrl, audience))
    .build();

import org.apache.pulsar.client.impl.auth.oauth2.AuthenticationFactoryOAuth2;

URL issuerUrl = new URL("https://auth.streamnative.cloud");
URL credentialsUrl = new URL("file:///path/to/credentials.json");
String audience = "urn:sn:pulsar:my_org:my_instance";

PulsarClient client = PulsarClient.builder()
    .serviceUrl("<PULSAR_BROKER_URL>")
    .authentication(
        AuthenticationFactoryOAuth2.clientCredentials(issuerUrl, credentialsUrl, audience))
    .build();

from pulsar import Client, AuthenticationOauth2

params = '''
{
    "issuer_url": "https://auth.streamnative.cloud",
    "private_key": "/path/to/credentials.json",
    "audience": "urn:sn:pulsar:my_org:my_instance"
}
'''

client = Client("<PULSAR_BROKER_URL>", authentication=AuthenticationOauth2(params))

#include <pulsar/Client.h>

pulsar::ClientConfiguration config;
std::string params = R"({
    "issuer_url": "https://auth.streamnative.cloud",
    "private_key": "/path/to/credentials.json",
    "audience": "urn:sn:pulsar:my_org:my_instance"})";

config.setAuth(pulsar::AuthOauth2::create(params));

pulsar::Client client("<PULSAR_BROKER_URL>", config);

const Pulsar = require('pulsar-client')
const issuer_url = 'https://auth.streamnative.cloud/'
const private_key = '/path/to/credentials.json'
const audience = 'urn:sn:pulsar:my_org:my_instance'
const service_url = '<PULSAR_BROKER_URL>'

;(async () => {
  const params = {
    issuer_url: issuer_url,
    private_key: private_key,
    audience: audience,
  }

  const auth = new Pulsar.AuthenticationOauth2(params)

  const client = new Pulsar.Client({
    serviceUrl: service_url,
    authentication: auth,
    operationTimeoutSeconds: 30,
  })
  await client.close()
})()

oauth := pulsar.NewAuthenticationOAuth2(map[string]string{
        "type":       "client_credentials",
        "issuerUrl":  "https://auth.streamnative.cloud/",
        "audience":   "urn:sn:pulsar:my_org:my_instance",
        "privateKey": "/path/to/credentials.json",
    })
client, err := pulsar.NewClient(pulsar.ClientOptions{
        URL:              "<PULSAR_BROKER_URL>",
        Authentication:   oauth,
})

let addr = "<PULSAR_BROKER_URL>".to_string();
let mut builder = Pulsar::builder(addr, TokioExecutor);
builder = builder.with_auth_provider(OAuth2Authentication::client_credentials(OAuth2Params {
    issuer_url: "https://auth.streamnative.cloud/".to_string(),
    credentials_url: "file:///path/to/credentials.json".to_string(),
    audience: "urn:sn:pulsar:my_org:my_instance".to_string(),
    scope: None,
}));

let pulsar: Pulsar<_> = builder.build().await?;

var fileUri = new Uri("file:///path/to/credentials.json");
var issuerUrl = new Uri("https://auth.streamnative.cloud/");
var audience = "urn:sn:pulsar:my_org:my_instance";
const string serviceUrl = "<PULSAR_BROKER_URL>";

var client = await new PulsarClientBuilder()
    .ServiceUrl(serviceUrl)
    .Authentication(AuthenticationFactoryOAuth2.ClientCredentials(issuerUrl, audience, fileUri))
    .BuildAsync();

In the example above:

Replace <PULSAR_ADMIN_URL> and/or <PULSAR_BROKER_URL> with the right admin and/or broker URL of your Pulsar cluster. You can get the service URLs in the Cluster Details page of the StreamNative Cloud Console.
Replace urn:sn:pulsar:my_org:my_instance with the right URN of your Pulsar cluster.
Replace file:///path/to/credentials.json with the right file path of your downloaded credentials file from the StreamNative Cloud Console.

You can find detailed examples in Build Applications with Pulsar.

Configure Pulsar Command-line tools

This section describes how to use Pulsar command-line tools to connect to a StreamNative Cloud cluster urn:sn:pulsar:my_org:my_instance using OAuth2.

bin/pulsar-admin \
    --admin-url <PULSAR_ADMIN_URL> \
    --auth-plugin org.apache.pulsar.client.impl.auth.oauth2.AuthenticationOAuth2 \
    --auth-params '{"privateKey":"file:///path/to/credentials.json", \
        "issuerUrl":"https://auth.streamnative.cloud", \
        "audience":"urn:sn:pulsar:my_org:my_instance"}' \
    tenants list

bin/pulsar-admin \
    --admin-url <PULSAR_ADMIN_URL> \
    --auth-plugin org.apache.pulsar.client.impl.auth.oauth2.AuthenticationOAuth2 \
    --auth-params '{"privateKey":"file:///path/to/credentials.json", \
        "issuerUrl":"https://auth.streamnative.cloud", \
        "audience":"urn:sn:pulsar:my_org:my_instance"}' \
    tenants list

bin/pulsar-client \
    --url <PULSAR_BROKER_URL> \
    --auth-plugin org.apache.pulsar.client.impl.auth.oauth2.AuthenticationOAuth2 \
    --auth-params '{"privateKey":"file:///path/to/credentials.json", \
        "issuerUrl":"https://auth.streamnative.cloud", \
        "audience":"urn:sn:pulsar:my_org:my_instance"}' \
    produce test-topic -m "test-message" -n 10

bin/pulsar-perf produce \
    --service-url <PULSAR_BROKER_URL> \
    --auth-plugin org.apache.pulsar.client.impl.auth.oauth2.AuthenticationOAuth2 \
    --auth-params '{"privateKey":"file:///path/to/credentials.json", \
        "issuerUrl":"https://auth.streamnative.cloud", \
        "audience":"urn:sn:pulsar:my_org:my_instance"}' \
    -r 1000 -s 1024 test-topic

In order to use snctl to connect to a StreamNative Cloud cluster using OAuth2, you can follow the steps below:

1. Make your target StreamNative Cloud cluster as `snctl` current service context

snctl context use --organization <ORGANIZATION> --pulsar-instance <SNCLOUD_INSTANCE> --pulsar-cluster <SNCLOUD_CLUSTER>

2. Use `snctl` provided client and admin tools

You will be able to use snctl pulsar admin or snctl pulsar client to access to the StreamNative Cloud cluster.

snctl pulsar admin tenants list # list all tenants

In order to use pulsarctl to connect to a StreamNative Cloud cluster using OAuth2, you can follow the steps below:

1. Create a context to point to a StreamNative Cloud cluster

pulsarctl context set <context-name> \
    --admin-service-url <PULSAR_ADMIN_URL> \
    --issuer-endpoint https://auth.streamnative.cloud \
    --audience urn:sn:pulsar:my_org:my_instance \
    --key-file /path/to/credentials.json

2. Activate the service account

You need to activate the service account used in the context before running other Pulsar commands.

pulsarctl oauth2 activate

After successfully running the command, you should see a similar output as below:

Logged in as sa@my_org.auth.streamnative.cloud.
Welcome to Pulsar!

In the example above:

Replace <PULSAR_ADMIN_URL> and/or <PULSAR_BROKER_URL> with the right admin and/or broker URL of your Pulsar cluster. You can get the service URLs in the Cluster Details page of the StreamNative Cloud Console.
Replace urn:sn:pulsar:my_org:my_instance with the right URN of your Pulsar cluster.
Replace file:///path/to/credentials.json with the right file path of your downloaded credentials file from the StreamNative Cloud Console.

On this page

Service URLs
OAuth 2.0 Credentials
StreamNative OAuth2
OIDC Federation
Configure Pulsar Applications
Configure Pulsar Clients
Configure Pulsar Command-line tools

Use the following information to configure your Pulsar clients to use the OAuth2 authentication mechanism for connecting to StreamNative Cloud clusters.

Service URLs

In order to connect to a StreamNative Cloud cluster, you need to get its service URLs.

You can get a cluster’s service URLs by following the steps below:

Navigate to the Cluster Workspace page.
Navigate to the Details tab, and in the Access Points section, you can find all the available service URLs of this cluster. Click Copy at the end of the row of the service URL to copy the URL.

HTTP Service URL (TLS): The URL of Pulsar Admin HTTP service.
Broker Service URL (TLS): The URL of Pulsar broker service.

OAuth 2.0 Credentials

Before configuring your Pulsar clients to use OAuth 2.0 for connecting to StreamNative Cloud clusters, you need to prepare an OAuth 2.0 credential file for your clients by following the steps below.

StreamNative OAuth2

If you are using StreamNative’s built-in OAuth2 service, you can download the OAuth2 credential file for the service account that you want to use for your clients by following these steps:

Navigate to the Accounts & Accesses page.
On the left navigation pane, click Service Accounts.
In the row of the service account you want to use, click ....
In the dropdown menu, click Download OAuth2 Key to download the OAuth2 credential file to your local directory.

{
  "type":"sn_service_account",
  "client_id":"PZWBM2tMCVDFQ1lQInIaYgG4k1OSqwIO",
  "client_secret":"EZr...Kgv",
  "client_email":"sa@my_org.auth.streamnative.cloud",
  "issuer_url":"https://auth.streamnative.cloud"
}

Navigate to the Accounts & Accesses page.
On the left navigation pane, click Service Accounts.
In the row of the service account you want to use, click ....
In the dropdown menu, click Download OAuth2 Key to download the OAuth2 credential file to your local directory.

{
  "type":"sn_service_account",
  "client_id":"PZWBM2tMCVDFQ1lQInIaYgG4k1OSqwIO",
  "client_secret":"EZr...Kgv",
  "client_email":"sa@my_org.auth.streamnative.cloud",
  "issuer_url":"https://auth.streamnative.cloud"
}

OIDC Federation

{
  "client_id":"PZWBM2tMCVDFQ1lQInIaYgG4k1OSqwIO",
  "client_secret":"EZr...Kgv"
}

Configure Pulsar Applications

Once you have the credentials file, you can follow the steps below to configure your Pulsar applications to use OAuth2 authentication.

Secondly, you need to prepare the authentication parameters for OAuth2 authentication. The following table outlines the parameters required for configuring OAuth2 authentication.

Parameter	Description	Example	Required or not
`type`	OAuth 2.0 authentication type. Currently, Pulsar clients only support the `client_credentials` authentication type.	`client_credentials` (default)	Optional
`issuerUrl`	The URL of the authentication provider which allows the Pulsar client to obtain an access token. Currently, StreamNative Cloud only support Auth0 as the identity provider. So the value here should be `https://auth.streamnative.cloud`.	`https://auth.streamnative.cloud`	Required
`credentialsUrl`	The URL to the JSON credentials file. It supports the following pattern formats: `file:///path/to/file` `data:application/json;base64,<base64-encoded value>`	`file:///path/to/my_service_account_key.json`	Required
`audience`	The OAuth 2.0 resource server identifier for a Pulsar cluster. In StreamNative Cloud, a Pulsar cluster is identified by a Uniform Resource Name (URN), which is in the following format `urn:sn:pulsar:${your_orgnization_id}:${instance_name}`.	`urn:sn:pulsar:my_org:my_instance`	Required for `StreamNative OAuth2` but optional for OIDC Federation
`scope`	The scope of an access request. For more information, see access token scope	api://pulsar-cluster-1/.default	Optional

Configure Pulsar Clients

This section describes how to configure Pulsar clients to connect to a StreamNative Cloud cluster urn:sn:pulsar:my_org:my_instance using OAuth2. Please notes:

For StreamNative OAuth2, audience is required.
For OIDC Federation, based on your identity provider, you may need to specify the scope and/or audience parameters accordingly.

import org.apache.pulsar.client.impl.auth.oauth2.AuthenticationFactoryOAuth2;

URL issuerUrl = new URL("https://auth.streamnative.cloud");
URL credentialsUrl = new URL("file:///path/to/credentials.json");
String audience = "urn:sn:pulsar:my_org:my_instance";

PulsarClient client = PulsarClient.builder()
    .serviceUrl("<PULSAR_BROKER_URL>")
    .authentication(
        AuthenticationFactoryOAuth2.clientCredentials(issuerUrl, credentialsUrl, audience))
    .build();

import org.apache.pulsar.client.impl.auth.oauth2.AuthenticationFactoryOAuth2;

URL issuerUrl = new URL("https://auth.streamnative.cloud");
URL credentialsUrl = new URL("file:///path/to/credentials.json");
String audience = "urn:sn:pulsar:my_org:my_instance";

PulsarClient client = PulsarClient.builder()
    .serviceUrl("<PULSAR_BROKER_URL>")
    .authentication(
        AuthenticationFactoryOAuth2.clientCredentials(issuerUrl, credentialsUrl, audience))
    .build();

from pulsar import Client, AuthenticationOauth2

params = '''
{
    "issuer_url": "https://auth.streamnative.cloud",
    "private_key": "/path/to/credentials.json",
    "audience": "urn:sn:pulsar:my_org:my_instance"
}
'''

client = Client("<PULSAR_BROKER_URL>", authentication=AuthenticationOauth2(params))

#include <pulsar/Client.h>

pulsar::ClientConfiguration config;
std::string params = R"({
    "issuer_url": "https://auth.streamnative.cloud",
    "private_key": "/path/to/credentials.json",
    "audience": "urn:sn:pulsar:my_org:my_instance"})";

config.setAuth(pulsar::AuthOauth2::create(params));

pulsar::Client client("<PULSAR_BROKER_URL>", config);

const Pulsar = require('pulsar-client')
const issuer_url = 'https://auth.streamnative.cloud/'
const private_key = '/path/to/credentials.json'
const audience = 'urn:sn:pulsar:my_org:my_instance'
const service_url = '<PULSAR_BROKER_URL>'

;(async () => {
  const params = {
    issuer_url: issuer_url,
    private_key: private_key,
    audience: audience,
  }

  const auth = new Pulsar.AuthenticationOauth2(params)

  const client = new Pulsar.Client({
    serviceUrl: service_url,
    authentication: auth,
    operationTimeoutSeconds: 30,
  })
  await client.close()
})()

oauth := pulsar.NewAuthenticationOAuth2(map[string]string{
        "type":       "client_credentials",
        "issuerUrl":  "https://auth.streamnative.cloud/",
        "audience":   "urn:sn:pulsar:my_org:my_instance",
        "privateKey": "/path/to/credentials.json",
    })
client, err := pulsar.NewClient(pulsar.ClientOptions{
        URL:              "<PULSAR_BROKER_URL>",
        Authentication:   oauth,
})

let addr = "<PULSAR_BROKER_URL>".to_string();
let mut builder = Pulsar::builder(addr, TokioExecutor);
builder = builder.with_auth_provider(OAuth2Authentication::client_credentials(OAuth2Params {
    issuer_url: "https://auth.streamnative.cloud/".to_string(),
    credentials_url: "file:///path/to/credentials.json".to_string(),
    audience: "urn:sn:pulsar:my_org:my_instance".to_string(),
    scope: None,
}));

let pulsar: Pulsar<_> = builder.build().await?;

var fileUri = new Uri("file:///path/to/credentials.json");
var issuerUrl = new Uri("https://auth.streamnative.cloud/");
var audience = "urn:sn:pulsar:my_org:my_instance";
const string serviceUrl = "<PULSAR_BROKER_URL>";

var client = await new PulsarClientBuilder()
    .ServiceUrl(serviceUrl)
    .Authentication(AuthenticationFactoryOAuth2.ClientCredentials(issuerUrl, audience, fileUri))
    .BuildAsync();

In the example above:

Replace <PULSAR_ADMIN_URL> and/or <PULSAR_BROKER_URL> with the right admin and/or broker URL of your Pulsar cluster. You can get the service URLs in the Cluster Details page of the StreamNative Cloud Console.
Replace urn:sn:pulsar:my_org:my_instance with the right URN of your Pulsar cluster.
Replace file:///path/to/credentials.json with the right file path of your downloaded credentials file from the StreamNative Cloud Console.

You can find detailed examples in Build Applications with Pulsar.

Configure Pulsar Command-line tools

This section describes how to use Pulsar command-line tools to connect to a StreamNative Cloud cluster urn:sn:pulsar:my_org:my_instance using OAuth2.

bin/pulsar-admin \
    --admin-url <PULSAR_ADMIN_URL> \
    --auth-plugin org.apache.pulsar.client.impl.auth.oauth2.AuthenticationOAuth2 \
    --auth-params '{"privateKey":"file:///path/to/credentials.json", \
        "issuerUrl":"https://auth.streamnative.cloud", \
        "audience":"urn:sn:pulsar:my_org:my_instance"}' \
    tenants list

bin/pulsar-admin \
    --admin-url <PULSAR_ADMIN_URL> \
    --auth-plugin org.apache.pulsar.client.impl.auth.oauth2.AuthenticationOAuth2 \
    --auth-params '{"privateKey":"file:///path/to/credentials.json", \
        "issuerUrl":"https://auth.streamnative.cloud", \
        "audience":"urn:sn:pulsar:my_org:my_instance"}' \
    tenants list

bin/pulsar-client \
    --url <PULSAR_BROKER_URL> \
    --auth-plugin org.apache.pulsar.client.impl.auth.oauth2.AuthenticationOAuth2 \
    --auth-params '{"privateKey":"file:///path/to/credentials.json", \
        "issuerUrl":"https://auth.streamnative.cloud", \
        "audience":"urn:sn:pulsar:my_org:my_instance"}' \
    produce test-topic -m "test-message" -n 10

bin/pulsar-perf produce \
    --service-url <PULSAR_BROKER_URL> \
    --auth-plugin org.apache.pulsar.client.impl.auth.oauth2.AuthenticationOAuth2 \
    --auth-params '{"privateKey":"file:///path/to/credentials.json", \
        "issuerUrl":"https://auth.streamnative.cloud", \
        "audience":"urn:sn:pulsar:my_org:my_instance"}' \
    -r 1000 -s 1024 test-topic

In order to use snctl to connect to a StreamNative Cloud cluster using OAuth2, you can follow the steps below:

1. Make your target StreamNative Cloud cluster as `snctl` current service context

snctl context use --organization <ORGANIZATION> --pulsar-instance <SNCLOUD_INSTANCE> --pulsar-cluster <SNCLOUD_CLUSTER>

2. Use `snctl` provided client and admin tools

You will be able to use snctl pulsar admin or snctl pulsar client to access to the StreamNative Cloud cluster.

snctl pulsar admin tenants list # list all tenants

In order to use pulsarctl to connect to a StreamNative Cloud cluster using OAuth2, you can follow the steps below:

1. Create a context to point to a StreamNative Cloud cluster

pulsarctl context set <context-name> \
    --admin-service-url <PULSAR_ADMIN_URL> \
    --issuer-endpoint https://auth.streamnative.cloud \
    --audience urn:sn:pulsar:my_org:my_instance \
    --key-file /path/to/credentials.json

2. Activate the service account

You need to activate the service account used in the context before running other Pulsar commands.

pulsarctl oauth2 activate

After successfully running the command, you should see a similar output as below:

Logged in as sa@my_org.auth.streamnative.cloud.
Welcome to Pulsar!

In the example above:

Replace <PULSAR_ADMIN_URL> and/or <PULSAR_BROKER_URL> with the right admin and/or broker URL of your Pulsar cluster. You can get the service URLs in the Cluster Details page of the StreamNative Cloud Console.
Replace urn:sn:pulsar:my_org:my_instance with the right URN of your Pulsar cluster.
Replace file:///path/to/credentials.json with the right file path of your downloaded credentials file from the StreamNative Cloud Console.

On this page

Service URLs
OAuth 2.0 Credentials
StreamNative OAuth2
OIDC Federation
Configure Pulsar Applications
Configure Pulsar Clients
Configure Pulsar Command-line tools

Access Cloud Clusters using Pulsar Clients with OAuth 2.0

Service URLs

OAuth 2.0 Credentials

StreamNative OAuth2

OIDC Federation

Configure Pulsar Applications

Configure Pulsar Clients

Configure Pulsar Command-line tools

1. Make your target StreamNative Cloud cluster as `snctl` current service context

2. Use `snctl` provided client and admin tools

1. Create a context to point to a StreamNative Cloud cluster

2. Activate the service account

V4.0

V3.3

V3.2

V3.1

V3.0

V2.11

V2.10

Access Cloud Clusters using Pulsar Clients with OAuth 2.0

Service URLs

OAuth 2.0 Credentials

StreamNative OAuth2

OIDC Federation

Configure Pulsar Applications

Configure Pulsar Clients

Configure Pulsar Command-line tools

1. Make your target StreamNative Cloud cluster as `snctl` current service context

2. Use `snctl` provided client and admin tools

1. Create a context to point to a StreamNative Cloud cluster

2. Activate the service account

​Service URLs

​OAuth 2.0 Credentials

​StreamNative OAuth2

​OIDC Federation

​Configure Pulsar Applications

​Configure Pulsar Clients

​Configure Pulsar Command-line tools

​1. Make your target StreamNative Cloud cluster as snctl current service context

​2. Use snctl provided client and admin tools

​1. Create a context to point to a StreamNative Cloud cluster

​2. Activate the service account

V4.0

V3.3

V3.2

V3.1

V3.0

V2.11

V2.10

​Service URLs

​OAuth 2.0 Credentials

​StreamNative OAuth2

​OIDC Federation

​Configure Pulsar Applications

​Configure Pulsar Clients

​Configure Pulsar Command-line tools

​1. Make your target StreamNative Cloud cluster as snctl current service context

​2. Use snctl provided client and admin tools

​1. Create a context to point to a StreamNative Cloud cluster

​2. Activate the service account

Service URLs

OAuth 2.0 Credentials

StreamNative OAuth2

OIDC Federation

Configure Pulsar Applications

Configure Pulsar Clients

Configure Pulsar Command-line tools

1. Make your target StreamNative Cloud cluster as `snctl` current service context

2. Use `snctl` provided client and admin tools

1. Create a context to point to a StreamNative Cloud cluster

2. Activate the service account

Service URLs

OAuth 2.0 Credentials

StreamNative OAuth2

OIDC Federation

Configure Pulsar Applications

Configure Pulsar Clients

Configure Pulsar Command-line tools

1. Make your target StreamNative Cloud cluster as `snctl` current service context

2. Use `snctl` provided client and admin tools

1. Create a context to point to a StreamNative Cloud cluster

2. Activate the service account