Use Confluent REST Proxy for Authentication in Confluent Platform

Confluent REST Proxy is a component of Confluent Platform that provides a RESTful interface for clusters. The Admin REST APIs acts as an intermediary layer between Kafka clients and Confluent Platform clusters using HTTP requests, supporting operations like producing and consuming messages, and managing topics. The Admin REST APIs are language-agnostic, enabling client applications written in any language to interact with brokers without native Kafka clients. For ease of use, the Admin REST APIs support the JSON data format for data exchange.

The Admin REST APIs support various authentication methods and encryption. You can use the Admin REST APIs to authenticate with Confluent Platform clusters using the following mechanisms:

SASL/OAUTHBEARER

Use the OAuth 2 authorization framework in a SASL context to create and validate JSON web tokens for authentication.

For more information, see Authenticate between REST Proxy and Kafka Brokers using SASL.

Mutual TLS (mTLS)

Use the TLS protocol to authenticate and encrypt communication between the REST Proxy and Kafka brokers.

For more information, see Authenticate between REST Proxy and Kafka broker using mTLS.