Hi all, I would like to resume the discussion around the OAuth2 manager in Iceberg REST with a new proposal.
Our last conversation [1] indicated a community preference for enhancing the existing manager within iceberg-core, rather than introducing a separate one. We agreed that deprecations and new dependencies, like an OAuth2 library, were acceptable trade-offs. After an extensive PoC, I have developed a design document for what I am calling the "OAuth2 Manager v2" initiative [2]. While the ideal goal was a seamless evolution of the existing manager, the reality is more complex. The proposal is designed to make the migration of both configuration and runtime behavior as smooth as possible, although some adjustments will be necessary. A roadmap with different steps (deprecation, transition, removal), spanning a few minor Iceberg versions, is included in the document. I welcome your thoughts on the design doc and look forward to discussing this topic at the next catalog meeting in January 2026. Thanks, Alex [1]: https://lists.apache.org/thread/on7xcr838ol0bctxjjfnkjb72rjwnmsk [2]: https://docs.google.com/document/d/1Hxw-t8Maa7wZFmrlSujm7LRawKsFP3Q31tET_3aRnQU/edit?usp=sharing
