User17342782508139186850 (Customer) asked a question.
I'm very confused as very less or no resource available to setup Kafka with OAUTH2.
This is the setup with kafka and okta
For Kafka Server
*********SECURITY using OAUTHBEARER authentication ***************
sasl.enabled.mechanisms=OAUTHBEARER
sasl.mechanism.inter.broker.protocol=OAUTHBEARER
security.inter.broker.protocol=SASL_PLAINTEXT
listeners=SASL_PLAINTEXT://localhost:9093
advertised.listeners=SASL_PLAINTEXT://localhost:9093
*Authorizer for ACL
authorizer.class.name=kafka.security.auth.SimpleAclAuthorizer
super.users=User:0oalmwzen2tCuDytB05d7;
**************** OAuth Classes *********************
sasl.jaas.config=org.apache.kafka.common.security.oauthbearer.OAuthBearerLoginModule required OAUTH_LOGIN_SERVER=dev-someid.okta.com OAUTH_LOGIN_ENDPOINT='/oauth2/default/v1/token' OAUTH_LOGIN_GRANT_TYPE=client_credentials OAUTH_LOGIN_SCOPE=broker.kafka OAUTH_AUTHORIZATION='Basic AFSDFASFSAFWREWSFDSAFDSAFADSFDSFDASFWERWEGRDFASDFAFEWRSDFSDFW==' OAUTH_INTROSPECT_SERVER=dev-someid.okta.com OAUTH_INTROSPECT_ENDPOINT='/oauth2/default/v1/introspect' OAUTH_INTROSPECT_AUTHORIZATION='Basic AFSDFASFSAFWREWSFDSAFDSAFADSFDSFDASFWERWEGRDFASDFAFEWRSDFSDFW==';
listener.name.sasl_plaintext.oauthbearer.sasl.login.callback.handler.class=com.oauth2.security.oauthbearer.OAuthAuthenticateLoginCallbackHandler
listener.name.sasl_plaintext.oauthbearer.sasl.server.callback.handler.class=com.oauth2.security.oauthbearer.OAuthAuthenticateValidatorCallbackHandler
********** SECURITY using OAUTHBEARER authentication ***************
I'm able to start
But I'm unsure whether these are the property I need to use.
Also I want to write a generic producer and consumer in Java which can use Okta, keycloak, some other OAuth2 providers.
Can you please advice me?
Hello @User17342782508139186850 (Customer) , thank you for contacting Okta Community.
I've reviewed our documentation for something relevant. It looks like your question is more appropriate for our dedicated Okta Developer Forum. I advise reaching out via devforum.okta.com as they will have more insight into this topic.
In the meantime, you can reference these articles from Okta Developer:
Kafka with Java: Build a Secure, Scalable Messaging App
Secure Kafka Streams with Quarkus and Java
While we'll do our best to answer your questions here, this medium is more inclined towards Okta's core products and features (non-developer work).
Regards.
--
Help others in the community by liking or hitting Select as Best if this response helped you.