Hi everyone,
I’m experimenting with the Connector using the HTTP Sink, and it seems very handy. So, I’m considering replacing one of our event processing engines with it.
I know that the HTTP Sink supports both basic and bearer authentication methods, and I want to use the bearer method. However, the token required to access the external HTTP API expires in an hour. Is there a way to configure the HTTP Sink to dynamically obtain or refresh the token? Alternatively, are there any plans to support this feature in the near future?
Cheers,
There’s no support for short-living tokens at the moment. And, I am actually unsure how it can be done. The HTTP sink behaves like a webhook and when we could certainly do something like signed webhook with shared secret, I am unaware of systems that are able to maintain something like OIDC with refresh tokens. Maybe you can point to something where we can look?
for reference and comparison :
Kafka’s http connector authentication supports
-
None,
-
Basic,
-
oauth2 (Client Credentials grant type only).
https://docs.confluent.io/kafka-connectors/http/current/connector_config.html#authorization
@yves.lorphelin the oauth2 type of authentication is what I was looking for.
For now, I can use an HTTP connector with basic authentication or without any authentication since the HTTP service will be internal. However, I hope OAuth2 will be supported in the near future.
Thank you for all your support!
1 Like