kafbat UI
GithubDiscord
  • 🎓Overview
    • About
    • Features
    • Getting started
  • 🛣️Project
    • Code of Conduct
    • Roadmap
  • 🧱Development
    • 🤝🏻Contributing
    • Setting up git
    • Building
      • Prerequisites
      • With Docker
      • Without Docker
    • WIP: Testing
  • ⚡Quick Start
    • 🔍Prerequisites
      • Kafka Permissions
        • Standalone Kafka ACLs
        • MSK (+Serverless) Setup
    • Demo run
    • AWS Marketplace
    • Persisting config
    • K8s / Helm
  • 🛠️Configuration
    • Configuration wizard
    • Configuration file
    • Setup example configs
    • Helm charts
      • Quick start
      • Configuration
        • SSL example
      • Resource limits
      • Sticky sessions
    • Misc configuration properties
    • Complex configuration examples
      • Kraft mode + multiple brokers
    • Kafka secured with SSL
    • Authentication
      • For the UI
        • Basic Authentication
        • OAuth2
        • LDAP / Active Directory
        • SSO Guide (Deprecated)
      • For Kafka
        • AWS IAM
        • SASL_SCRAM
    • RBAC (Role based access control)
      • Supported Identity Providers
    • Data masking
    • Audit log
    • Serialization / SerDe
    • OpenDataDiscovery Integration
  • ❓FAQ
    • Common problems
    • MCP Server
    • FAQ
    • Authentication Issues
Powered by GitBook
On this page
  • Basic (username password) authentication
  • Role-based access control
  • OAuth 2
  • LDAP
  • Active Directory (LDAP)
  • SAML
  • Smart filters syntax
  • Can I use the app as API?
  • My OIDC / OAuth provider uses self-signed certificates, how do I add them to the truststore?

Was this helpful?

Edit on GitHub
Export as PDF
  1. FAQ

FAQ

PreviousMCP ServerNextAuthentication Issues

Last updated 1 month ago

Was this helpful?

Basic (username password) authentication

Basic Authentication

Role-based access control

RBAC (Role based access control)

OAuth 2

OAuth2

LDAP

See example.

Active Directory (LDAP)

See example.

SAML

Planned, see

Smart filters syntax

We use CEL syntax for smart message filtersVariables bound to the context:

  1. key (json if possible)

  2. value (json if possible)

  3. keyAsText

  4. valueAsText

  5. header

  6. partition

  7. timestampMs

JSON parsing logic:Key and Value (if parsing to JSON is available) are bound as JSON objects, otherwise as nulls.Filter examples:

  1. has(record.keyAsText) && record.keyAsText.matches(".*[Gg]roovy.*") - regex for key as a string

  2. has(record.key.name.first) && record.key.name.first == 'user1' - in case if the value is json

  3. record.headers.size() == 1 && !has(record.headers.k1) && record.headers['k2'] == 'v2'

Can I use the app as API?

My OIDC / OAuth provider uses self-signed certificates, how do I add them to the truststore?

server:
  ssl:
    trust-store: classpath:keycloak-truststore.jks
    trust-store-password: changeit

Sure! Swagger declaration is located .

❓
this
this
#478
here