Skip to main content

Enable Apache Kafka® REST proxy authorization

Apache Kafka® REST proxy authorization enables you to use the RESTful interface to connect to Apache Kafka clusters, produce and consume messages, and perform administrative activities via the Aiven CLI. It secures Apache Kafka resources by ensuring only authorized operations are permitted through the REST interface.

When you enable Apache Kafka REST proxy authorization, Karapace sends the HTTP basic authentication credentials to Apache Kafka®. The authentication and authorization are then performed by Apache Kafka, depending on the ACL defined in Apache Kafka. To configure the ACLs for authorization, see Apache Kafka Access Control Lists (ACLs).

When Apache Kafka REST proxy authorization is disabled, the REST Proxy bypasses the Apache Kafka ACLs, so any operation via REST API call is performed without any restrictions.

Configure Apache Kafka REST Proxy Authorization

  1. In the Aiven Console, select your project and choose your Aiven for Apache Kafka® service.
  2. Click Service settings from the sidebar.
  3. Scroll down to the Advanced configuration section, and click Configure.
  4. In the Advanced configuration dialog, click Add configuration options.
  5. Locate the kafka_rest_authorization parameter and set it to True to enable.