Configure clients on a producer or consumer level
Learn how to configure client authentication using delegation tokens on a producer or consumer level.
You can set up client authentication by configuring the JAAS configuration property as well
as other mandatory properties for each client. All properties can be set in the
producer.properties
or consumer.properties
file of the
client. With this configuration method, you have the ability to specify different token
details for each Kafka client within a JVM. As a result you can configure Kafka clients in a
way that each of them use a unique token for authentication.
sasl.jaas.config=org.apache.kafka.common.security.scram.ScramLoginModule required \
username="tokenID" \
password="lAYYSFmLs4bTjf+lTZ1LCHR/ZZFNA==" \
tokenauth="true";
security.protocol=SASL_SSL
sasl.mechanism=SCRAM-SHA-256
Within the JAAS configuration, there are three options that need to be specified. These
are the username
, password
and
tokenauth
options.
The username
and password
options specify the token
ID and token HMAC. The tokenauth
option expresses the intent to use
token authentication to the server.