PingDirectory

Configure a Kafka sync destination

Use the dsconfig command or the administration console to synchronize changes to an Apache Kafka environment. You can reuse existing Ping Identity sync sources that were created for other Sync Pipes.

To configure Kerberos authentication for a Kafka sync destination, supply the producer-property attribute with the appropriate values according to the Apache Kafka documentation.

The following objects are required to configure a Kafka sync destination:

  • Kafka cluster external server – Defines the procedure for connecting to a Kafka cluster. The Kafka cluster external server can be referenced from multiple Kafka sync destination configuration objects. The only required property is bootstrap-server, which identifies some of the Kafka brokers in the environment.

    When use-ssl is set to true, the following configuration changes are made:

    • A trust-manager-provider is configured to validate the Kafka broker’s SSL certificate.

    • A key-manager-provider is configured to let the Kafka broker authenticate the PingDataSync Kafka producer.

  • Kafka sync destination – References the Kafka cluster external server. The Kafka sync destination must specify the name of the topic to use for publishing messages.

    To adjust Kafka messages beyond the mapping, attribute filtering, and other configuration changes that PingDataSync makes, reference one or more of the KafkaSyncDestinationPlugin extension points that are implemented by using the Server SDK.

Run the prepare-endpoint-server command for the PingDirectory sync source.