WZHMIJJ opened a new issue, #22371: URL: https://github.com/apache/pulsar/issues/22371
### Search before asking

- [X] I searched in the [issues](https://github.com/apache/pulsar/issues) and found nothing similar.

### Motivation

The motivation for this enhancement stems from the need to bolster security and efficiency in Pulsar's client authentication. The private_key_jwt method offers a secure means for client authentication, utilizing a private key and JSON Web Token (JWT). By implementing this method, Pulsar can enhance its security framework.

### Solution

The proposed solution involves enabling Pulsar authentication for Client authentication using the private_key_jwt method.

Related materials: For further details on the private_key_jwt method, refer to the specification outlined in https://kb.authlete.com/en/s/oauth-and-openid-connect/a/client-auth-private-key-jwt

### Alternatives

While evaluating alternatives, the current OAuth2 flow with client credentials (client_id and client_secret) was noted. This in our case is not an option, since we use the flow with client_assertion_type and client_assertion. Implementing the private_key_jwt method offers a more secure and efficient alternative, reducing dependency on client_secret and providing enhanced security through private key and JWT-based authentication.

### Anything else?

_No response_

### Are you willing to submit a PR?

- [ ] I'm willing to submit a PR!
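
For readers unfamiliar with the flow the issue asks for, the following added example (not part of the original issue and not Pulsar code) builds an RS256 `client_assertion` with the RFC 7523 claims and the token request body that replaces `client_secret`. The client id, token endpoint, class name and throwaway key pair are constructed placeholders.

```java
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.time.Instant;
import java.util.Base64;
import java.util.UUID;

public class PrivateKeyJwtExample {
    private static final Base64.Encoder B64URL = Base64.getUrlEncoder().withoutPadding();
    static String b64(String s) { return B64URL.encodeToString(s.getBytes(StandardCharsets.UTF_8)); }

    // Client assertion: iss and sub are the client id, aud is the token endpoint,
    // jti is unique per request and exp is short, which limits replay of a captured token.
    static String clientAssertion(String clientId, String tokenEndpoint, PrivateKey key, long ttlSeconds)
            throws GeneralSecurityException {
        long now = Instant.now().getEpochSecond();
        String header = "{\"alg\":\"RS256\",\"typ\":\"JWT\"}";
        String claims = String.format(  // assumes values need no JSON escaping
            "{\"iss\":\"%s\",\"sub\":\"%s\",\"aud\":\"%s\",\"jti\":\"%s\",\"iat\":%d,\"exp\":%d}",
            clientId, clientId, tokenEndpoint, UUID.randomUUID(), now, now + ttlSeconds);
        String signingInput = b64(header) + "." + b64(claims);
        Signature sig = Signature.getInstance("SHA256withRSA");
        sig.initSign(key);
        sig.update(signingInput.getBytes(StandardCharsets.US_ASCII));
        return signingInput + "." + B64URL.encodeToString(sig.sign());
    }

    // Form body for the token request: the signed JWT travels instead of a shared secret.
    static String tokenRequestBody(String assertion) {
        return "grant_type=client_credentials"
            + "&client_assertion_type=" + URLEncoder.encode(
                "urn:ietf:params:oauth:client-assertion-type:jwt-bearer", StandardCharsets.UTF_8)
            + "&client_assertion=" + assertion;
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair kp = gen.generateKeyPair(); // constructed throwaway key, not a real credential
        String jwt = clientAssertion("pulsar-client-example", "https://idp.example.com/token", kp.getPrivate(), 60);
        // Check the signature the way the authorization server would, using only the public key.
        int dot = jwt.lastIndexOf('.');
        Signature v = Signature.getInstance("SHA256withRSA");
        v.initVerify(kp.getPublic());
        v.update(jwt.substring(0, dot).getBytes(StandardCharsets.US_ASCII));
        System.out.println("signature valid: " + v.verify(Base64.getUrlDecoder().decode(jwt.substring(dot + 1))));
        System.out.println(tokenRequestBody(jwt));
    }
}
```

The authorization server only needs the registered public key to verify the assertion, so the private key never leaves the client.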
