Solved
Kafka topic using OAuth2 authentication
Hello,
Does anyone have an example of a work Kafka topic that is using OAuth2 authentication?
Thank you in advance!
J-F
Forum Discussion
21 Replies
- sonya_m
Alumni
Hi jfnumainville ! Thank you for the question. In theory, this should work. While there's no detailed instruction, I hope this document can be of some help!
https://support.smartbear.com/readyapi/docs/testing/kafka/auth.html#manual
I also recommend looking into Kafka documentation and searching there for parameters needed for OAuth 2.0.
Thank you sonya_m for your reply. 😀
The main obstacle I have with adding custom authentication parameters to the Kafka event connection settings is that the OAuth2 token needs to be dynamically generated as it expires after 60 minutes. Would there be a way to generate the token and then put a reference to it into the connection settings?
J-F
- sonya_m
Hi jfnumainville ! Looks like this can't be done out of the box, unfortunately. We do have ways to automate tokens but it won't work for Kafka.
Looks like this is a great feature request material, please feel free to submit it here.
- DanielPomian
Staff
Hi jfnumainville , thank you for your feature request! We are working on adding your feature (OAuth2.0 support for Kafka) to ReadyAPI. We plan to include it in one of the next app versions.
Can you please let us know which Get Access Token flows you like to use (more often) to get the access token from the authorisation server?
We have prioritised these types, starting with the most important one (based on most used flows and based on the use case): Authorization Code grant, Implicit Grant, Resource Owner Password Credentials Grant, Client Credentials Grant and JWT Profile Authorization Grants (please see the attached image for that).
Thank you,Daniel, SmartBear ReadyAPI team
Hi DanielPomian ,
This is great news! Our team is using the Client Credentials Grant flow.
Looking forward to using this feature in the future.
Thank you,
J-F
- DanielPomian
Hi J-F,
Thanks for your quick response ! that is very useful for us 🙂
Can you also please let us know what version of Kafka & Kafka clients are you using ?
Thank you ,
Daniel
Hey DanielPomian,
We're using the following:
Kafka sidecar -> 2.2.3
Proxy sidecar -> 2.4.0
Is that all the info you need? Please let me know if you need more 😄
J-F
- DanielPomian
Thank you, J-F. That is all for now 🙂 We will definitely reach out again when we will need more info - thank you for your support 🙂
Daniel
- DanielPomian
Hi J-F
The development of this feature is in progress now , and we have a new question : can you please tell me - are you using / planning to use the OAuth2.0 auth type or are you thinking to use the OAuth2.0 Azure or OAuth2.0 JWT Bearer?
Thanks,
Daniel
Hello DanielPomian,
We are currently using OAuth2.0 and we have no plans to use the "OAuth2.0 Azure" or the "OAuth2.0 JWT Bearer" types.
Have a good day,
J-F
- DanielPomian
Thanks, J-F!
- DanielPomian
Hi J-F
Can you please let us know what kind of grant type (Client Credentials, Implicit …) are you using between your Apache Kafka and Authorisation server? We would like to cover your setup too in our testing process.Thanks,
Daniel
Hey Daniel,
We are using the "Client Credentials" grant type.
Thank you for your efforts on adding this feature,
J-F
- DanielPomian
Thank you , J-F
Daniel
Hi all,
seems that I have just found somebody with an similar issue. We also use oauth2 for Kafka topics. But, although the advanced configuration detects the ttl of the token it doesn't automatically generate or refresh it.
We have a similar setup as jfnumainville but had to implement a groovy script in order to have the token generated or refreshed. I had hoped that release 3.41.0 would bring a solution to this, since oauth2 was explicitly mentioned in the release notes, but it apparently didn't.
As this issue is highlighted as solved, I would be interested in the solution.
Regards all and happy testing
Holger
 
- DanielPomian
Hi Holger,
Thank you for raising this problem. I will add it our prioritised backlog and we will aim to fix it in one of our next sprints.
Regards and happy testing !
Daniel
