Tyooughtul commented on issue #1762: URL: https://github.com/apache/iggy/issues/1762#issuecomment-3791129275
> it sure is! [@Tyooughtul](https://github.com/Tyooughtul) assigned > > let us know on discord, in discussions on github or here what's your implementation idea before jumping straight into code. Thanks for the assignment! I've been looking at the A2A spec, especially the streaming/async parts. It seems like to make Iggy work as the pub/sub layer for A2A Agents, we'd need to handle the A2A identity layer somehow. From what I can see, A2A uses JWT/JWKS for authentication, while Iggy currently uses static secrets. So I was thinking... maybe we could add JWKS support to Iggy? Here's what I'm considering: - Extend the config to support a jwks_url - Build a simple client to fetch public keys from an A2A Auth Server - Update the JWT verification to use keys from JWKS instead of just static secrets This way, A2A Agents could use their existing credentials to push data into Iggy. But I'm still exploring this - would love to hear your thoughts on whether this direction makes sense or if there's a better approach! Also, I'm planning to work on this in smaller chunks and send incremental PRs, so it's easier to review and we can discuss and adjust direction as we go. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
