SASL/OAUTHBEARER authenticationv3.15+

Authenticate to a Kafka broker using SASL/OAUTHBEARER. Kong Gateway fetches and renews OAuth 2.0 access tokens automatically using the client credentials grant.

Prerequisites

  • You have a Kafka cluster

  • You have a Kafka topic in the cluster

  • An OAuth 2.0 identity provider that supports the client credentials grant

Environment variables

  • BOOTSTRAP_SERVER_HOST: The bootstrap server host.

  • KAFKA_TOPIC: The name of the Kafka topic to consume from.

  • TOKEN_ENDPOINT_URL: The URL of the OAuth 2.0 token endpoint.

  • CLIENT_ID: The OAuth 2.0 client ID.

  • CLIENT_SECRET: The OAuth 2.0 client secret.

Set up the plugin

Help us make these docs great!

Kong Developer docs are open source. If you find these useful and want to make them better, contribute today!