values.yaml
YAML file as follows, and then update the resource.
enabled
: Required. Set it to true
if you want to enable OAuth2 authentication. By default, it is set to false
.oauthIssuerUrl
: Required. The URL of your OAuth2 identity provider that allows a Pulsar client to obtain an access token.oauthAudience
: Required. The identifier that all tokens must be issued for.oauthSubjectClaim
: Required. The JWT claim that is used as the user name. By default, it is set to sub
.oauthScopeClaim
: Required. The JWT claim that is used as the scope claims. By default, it is set to scope
.oauthAuthzRoleClaim
: Required. The JWT claim that is used as the authentication role.oauthAuthzAdminRole
: Required. The Authentication Role to operate as a Pulsar superuser.brokerClientCredential
: Optional. It is used to create a credential with the client ID and the Secret.brokerClientAuthenticationPlugin
: Optional. The broker authentication plugin.brokerClientAuthenticationParameters
: Optional. The authentication parameters that are set on the broker. It contains a path to the broker’s key file, as mounted into the broker pod.authenticationProvider
: Required. The authentication provider that identifies a client and then assigns a role token to that client. By default, it is set to io.streamnative.pulsar.broker.authentication.AuthenticationProviderOAuth
.authorizationProvider
: Required. The authorization provider that authorizes a service account. By default, it is set to io.streamnative.pulsar.broker.authorization.AuthorizationProviderOAuth
.enabled
: enable Auth0 OAuth2 authentication.oauthIssuerUrl
: the URL of the Auth0 OAuth2 identity provider that allows a Pulsar client to obtain an access token.oauthAudience
: the Auth0 OAuth2 client ID that is used by StreamNative Platform for requesting an Auth0 OAuth2 token.enabled
: enable Azure AD OAuth2 authentication.oauthIssuerUrl
: the URL of the Azure AD OAuth2 identity provider that allows a Pulsar client to obtain an access token.oauthAudience
: the OAuth2 client ID that is used by StreamNative Platform for requesting an OAuth2 token.oidcIssuers
option to specify the OAuth2 identity providers and then configure parameters for each of the OAuth2 identity providers. The oidcIssuers
is a map of multiple OAuth2 identity providers. If it is not set, a single OAuth2 identity provider will be used. For details about how to configure OAuth2 authentication, see configure OAuth2 authentication.
This example shows how to enable Auth0 and Azure AD OAuth2 authentication on StreamNative Platform.