Appendix - Authentication Schemes

The Kafka OCF connector supports various authentication schemes in configurations. You can use any of the authentication schemes while configuring and this section explains the configuration fields required for each authentication schemes.

Azure MSI

Set the Auth Scheme to Azure MSI.

SCRAM-SHA-512

Specify the values in the following fields for SCRAM-SHA-512 authentication scheme:

  • Set the Auth Scheme to SCRAM-SHA-512

  • User

  • Password

Auto

Not supported.

AzureServicePrincipalCert

Not supported.

AzureServicePrincipal

Specify the values in the following fields for SCRAM-SHA-512 authentication scheme:

  • OAuth Client ID

  • OAuth Client Secret

  • Set Initiate OAuth to Refresh

  • AzureTenant

Kerberos

Specify the values in the following fields for Kerberos authentication scheme:

  • Auth Scheme - Set this to KERBEROS.

  • Kerberos Service Name - This should match to the principal name of the Kafka brokers. For example, if the principal is kafka/kafka1.hostname.com@EXAMPLE.COM, then Kerberos Service Name must be set to kafka.

  • Kerberos SPN - Set this to the service and host of the Apache Kafka Kerberos Principal. This will be the value prior to the @ symbol. For example, for kafka/kafka1.hostname.com is the principal value for kafka/kafka1.hostname.com@EXAMPLE.COM.

  • Select Use Kerberos Ticket Cache checkbox in order to use a ticket cache instead of specifying the keytab file. In that case, the Kerberos Keytab File will be ignored even if it’s specified.

None

Set the Auth Scheme to None to connect to Kafka (on-premise) without setting any authentication connection properties.

SSLCertificate

Note

The SSL authentication is not supported in this release. However, you can specify the SSL certificate content for an SSL handshake if the cluster/broker on Kafka is using SSL.

Plain

Specify the values in the following fields for Plain authentication scheme:

  • Set the Auth Scheme to Plain

  • User

  • Password

AzureAD

Not supported.

SCRAM

Specify the values in the following fields for the SCRAM authentication scheme:

  • Set the Auth Scheme to SCRAM

  • User

  • Password