Quick navigation
Configuration
To configure Conduktor Gateway, you have to:
- Decide on your networking/load balancing requirements.
- Configure how Gateway connects to your 'backing' Kafka cluster.
- Configure Gateway to accept client connections.
- Decide whether you need virtual clusters.
Authentication and authorization flows
Conceptual visualization
This is a conceptual view of the authentication and authorization flows. It doesn't include every network call in each stage or the exact order of the calls.
Gateway security with credentials managed by Gateway
Security protocol: SASL_PLAINTEXT or SASL_SSL
SASL mechanism: PLAIN
Authentication flow
Authorization flow (produce message)
Gateway security with OAuth
Security protocol: SASL_PLAINTEXT or SASL_SSL
SASL mechanism: OAUTHBEARER
Authentication flow
Authorization flow (produce message)
Backing Kafka security with SASL users
Security protocol: DELEGATED_SASL_PLAINTEXT or DELEGATED_SASL_SSL
SASL mechanism: PLAIN (ie Confluent Cloud) or SCRAM-SHA-256 or SCRAM-SHA-512
Authentication flow
Authorization flow (produce message)
Backing Kafka Security with OAuth
Security protocol: DELEGATED_SASL_PLAINTEXT or DELEGATED_SASL_SSL
SASL mechanism: OAUTHBEARER