.. _confluentsecurityplugins_schema_registry_authorization: Schema Registry Authorization ============================= The Schema Registry security plugin provides authorization for Schema Registry operations. The supported operations and corresponding Schema Registry URIs are listed here. .. _confluentsecurityplugins_sr_operations: ================================ ============================================================================= SCHEMA REGISTRY OPERATION RESOURCE ================================ ============================================================================= SUBJECT_READ .. http:get:: /subjects/(string: subject)/versions .. http:get:: /subjects/(string: subject)/versions/(versionId:version) SUBJECT_WRITE .. http:post:: /subjects/(string: subject)/versions .. http:post:: /subjects/(string: subject) .. http:post:: /compatibility/subjects/(string: subject)/versions/(versionId: version) SUBJECT_DELETE .. http:delete:: /subjects/(string: subject)/versions/(versionId: version) .. http:delete:: /subjects/(string: subject) SCHEMA_READ .. http:get:: /schemas/ids/{int: id} SUBJECT_COMPATIBILITY_READ .. http:get:: /config/(string: subject) SUBJECT_COMPATIBILITY_WRITE .. http:put:: /config/(string: subject) GLOBAL_COMPATIBILITY_READ .. http:get:: /config GLOBAL_COMPATIBILITY_WRITE .. http:put:: /config GLOBAL_SUBJECTS_READ .. http:get:: /subjects ================================ ============================================================================= For more information, see the :ref:`Schema Registry API`. Incoming requests are mapped to a Schema Registry Operation as outlined in above table, after which the request is authorized using the configured authorizer: ``confluent.schema.registry.authorizer.class`` The implementation used to authorize Schema Registry requests. This needs to be an implementation of the interface SchemaRegistryAuthorizer. * Type: string * Default: "" * Importance: high These |sr| authorizers are provided natively. .. toctree:: sracl_authorizer topicacl_authorizer