Share via

Kafka REST Proxy Authentication

Mike McNulty 1 Reputation point
2022-02-18T18:30:46.19+00:00

We would like to develop a HDInsight Kafka cluster to share real time data with a subcontractor. The REST proxy documentation indicates that "Kafka clients that need access to the REST proxy should be registered to a group by the group owner." I believe that this indicates that only a client application needs to register and a user doesn't need to be created for the subcontractor within Azure AD. I would like to confirm this.

Or do we need to create a user "subcontractor_1" provide them access to the Kafka application, create a token and then distribute the token?

Azure HDInsight
Azure HDInsight
An Azure managed cluster service for open-source analytics.
199 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. ShaikMaheer-MSFT 38,201 Reputation points Microsoft Employee
    2022-02-21T16:21:52.233+00:00

    Hi @Mike McNulty ,

    Thank you for posting query in Microsoft Q&A Platform.

    As described in documentation Pre-requisites section, we need to AAD application ID(Service principle) with secret and then add that application id to security group of your intended as member. Now, this security group only we will be adding to Kafka REST Proxy as described here.

    Now, once we done with above in the client application code, we will be using application ID(service principle) and secret what we created above to interact with cluster and APIs.

    So, that way our client application will able to interact with APIs as client application will use service principle to do same. and service principle was part of security group which added under Kafka REST Proxy enable settings.

    Hope this helps. Please let us know how it goes. Thank you.