Authentication in Kafka

Applies to ReadyAPI 3.53, last modified on June 07, 2024

By default, ReadyAPI supports authentication to Kafka brokers and schema registries using the SASL/PLAIN method with the SSL encryption and the OAuth2.0 authentication. This is a common way of authentication in Confluent. To use other authentication methods, you need to specify authentication parameters manually.

SASL/PLAIN with SSL encryption

In ReadyAPI, this authentication method is implemented through the Basic authorization profile:

  1. Create a Basic authorization profile:

    Authentication to Kafka: Create authorization profile

    Click the image to enlarge it.

    Authentication to schema registry: Create authorization profile

    Click the image to enlarge it.

    Schema registry connection settings are only available when the JSON via Avro (Schema Registry) or JSON via Protobuf (Schema Registry) message format is selected.
  2. Enter credentials:

    • Username – Username or the API key.
    • Password – User password or the client secret.
    Authentication to Kafka: Enter API key and secret

    Click the image to enlarge it.

  3. Select the profile:

    Authentication to Kafka: Select profile
    Authentication to schema registry: Select profile

OAuth2.0 authentication

  • Create an OAuth2.0 authorization profile:
    OAuth2.0 authorization profile

    Click the image to enlarge it.

    Note: OAuth2.0 (Azure) and OAuth2.0 (JWT Bearer) are not supported currently.
  • Enter the Access Token and save the profile by closing it.
  • Select the profile that you have just created:
    Profile created

    Click the image to enlarge it.

Other authentication methods

If your Kafka broker uses another authentication method, you should set the Authorization Profile to No Authorization and add custom authentication parameters to the Connection Settings. For example, to specify the SASL/PLAIN method without SSL encryption, you will need to specify the following parameters:

Name Value
sasl.mechanism PLAIN
security.protocol SASL_PLAINTEXT
sasl.jaas.config required username="Username or API key" password="Password or Client secret";
Authentication to Kafka: Custom parameters

Click the image to enlarge it.

To learn which parameters you need for other authentication methods, see the documentation of your Kafka provider.

Next Steps

See Also

AMQP Testing
Testing Internet of Things (IoT)

Highlight search results