Using token based authorization (OAuth access tokens) with message delivery system

  • Question

  • Hi,

    Is it possible/feasible to use access tokens such as OAuth2 reference or JWT for authorization enforcement in the case of communication via a message delivery system such as Kafka?

    Protocol guidelines around OAuth2/OIDC strongly suggest using TLS between a client and a server in order to prevent token leaks. In a scenario with a message delivery system, it can only be achieved with message encryption. In such a case, key distribution becomes a problem, especially if the client is located in a customer network and the services are in the cloud.

    Any hint would be much appreciated.

    Regards, Dmitry

    Tuesday, January 31, 2017 11:10 PM

All replies