By default, ReadyAPI supports authentication to Kafka brokers and schema registries using the SASL/PLAIN method with the SSL encryption and the OAuth2.0 authentication. This is a common way of authentication in Confluent. To use other authentication methods, you need to specify authentication parameters manually.
SASL/PLAIN with SSL encryption
In ReadyAPI, this authentication method is implemented through the Basic authorization profile:
-
Create a Basic authorization profile:
Click the image to enlarge it.
Click the image to enlarge it.
Schema registry connection settings are only available when the JSON via Avro (Schema Registry) or JSON via Protobuf (Schema Registry) message format is selected. -
Enter credentials:
- Username – Username or the API key.
- Password – User password or the client secret.
Click the image to enlarge it.
-
Select the profile:
OAuth2.0 authentication
- Create an OAuth2.0 authorization profile:
Click the image to enlarge it.
Note: OAuth2.0 (Azure) and OAuth2.0 (JWT Bearer) are not supported currently. - Enter the Access Token and save the profile by closing it.
- Select the profile that you have just created:
Click the image to enlarge it.
Other authentication methods
If your Kafka broker uses another authentication method, you should set the Authorization Profile to No Authorization and add custom authentication parameters to the Connection Settings. For example, to specify the SASL/PLAIN method without SSL encryption, you will need to specify the following parameters:
| Name | Value |
|---|---|
| sasl.mechanism | PLAIN |
| security.protocol | SASL_PLAINTEXT |
| sasl.jaas.config | org.apache.kafka.common.security.plain.PlainLoginModule required username="Username or API key" password="Password or Client secret"; |
Click the image to enlarge it.
To learn which parameters you need for other authentication methods, see the documentation of your Kafka provider.
