BE: Auth: JWT auth w/ JWKS #4145
Labels
area/auth
scope/backend
status/accepted
An issue which has passed triage and has been accepted
type/enhancement
En enhancement to an already existing feature
Issue submitter TODO list
Is your proposal related to a problem?
No
Describe the feature you're interested in
Hi !
Any ideas on providing a JWT token authentication mechanism?
In our case we have a central place where authentication already happens using Azure AD as IDP, and we would like to just forward the JWT resultant from the oauth provider authentication to kafka-ui, and then kafka-ui could just validate the jwt using JWKS (https://auth0.com/docs/secure/tokens/json-web-tokens/json-web-key-sets).
A similar feature is present in Grafana (https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/jwt/#verify-token-using-a-json-web-key-set-loaded-from-https-endpoint), which we are using fine.
As it is now, our only solution is to authenticate using Azure AD in our central place to get access to the internal network to reach kafka-ui, and then authenticate again into kafka-ui using the same method.
Describe alternatives you've considered
No response
Version you're running
56fa824
Additional context
No response
The text was updated successfully, but these errors were encountered: