Configure clients on an application level

Learn how to configure client authentication using delegation tokens on an application level.

With this configuration method, you can set up all clients within a JVM to use the same delegation token for authentication.

  1. Add a KafkaClient entry with a login module item to your JAAS configuration file.
    The module has to specify the username, password and tokenauth options.

    Example Configuration:

    KafkaClient {
    org.apache.kafka.common.security.scram.ScramLoginModule  required
        username="tokenID"
        password="lAYYSFmLs4bTjf+lTZ1LCHR/ZZFNA=="
        tokenauth="true";
    }
    

    The username and password options specify the token ID and token HMAC. The tokenauth option expresses the intent to use token authentication to the server.

  2. Pass the location of your JAAS configuration file as a JVM parameter through a command line interface.
    This sets the JAAS configuration on the Java process level.
    export KAFKA_OPTS="-Djava.security.auth.login.config=[PATH_TO_JAAS.CONF]"