Skip to content

BE: AUth: Implement JWT auth w/ JWKS #206

New issue
New issue
Open
Open
BE: AUth: Implement JWT auth w/ JWKS#206
Labels
area/authApp authentication related issuesgood first issueUp for grabshacktoberfestIssues good for hacktoberfest goalscope/backendRelated to backend changesstatus/triage/completedAutomatic triage completedtype/featureA brand new feature
@Haarolean

Description

@Haarolean
Haarolean
opened on Mar 13, 2024

https://docs.spring.io/spring-security/reference/servlet/oauth2/resource-server/jwt.html

via: provectus/kafka-ui#4145

In our case we have a central place where authentication already happens using Azure AD as IDP, and we would like to just forward the JWT resultant from the oauth provider authentication to kafka-ui, and then kafka-ui could just validate the jwt using JWKS (https://auth0.com/docs/secure/tokens/json-web-tokens/json-web-key-sets).

A similar feature is present in Grafana (https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/jwt/#verify-token-using-a-json-web-key-set-loaded-from-https-endpoint), which we are using fine.

As it is now, our only solution is to authenticate using Azure AD in our central place to get access to the internal network to reach kafka-ui, and then authenticate again into kafka-ui using the same method.

Metadata

Metadata

Assignees

No one assigned

    Labels

    area/authApp authentication related issuesgood first issueUp for grabshacktoberfestIssues good for hacktoberfest goalscope/backendRelated to backend changesstatus/triage/completedAutomatic triage completedtype/featureA brand new feature

    Projects

    Up for grabs

    Status

    Todo

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions