I am exploring how to get roles defined via oauth authentication to be passed with the KafkaPrincipal (generated by the DefaultKafkaPrincipalBuilder) so it can be used by authorization.
I know the PrincipalBuilder can be replaced with a custom implementation along with an alternative KafkaPrincipal implementation, but I was hoping with the standardization of OAUTH within Kafka for handling the JWT. In searching email archives and KIPs I do not see anything about this; curious if there are any thoughts on this? The downside, I do not see how to leverage JWT attributes in a generic way, so a custom Authorizer would still be necessary. Thanks, Neil
