Configure a Kafka sync destination
Use the dsconfig
command or the administrative console to configure PingDataSync to synchronize changes to an Apache Kafka environment.
PingDataSync supports synchronization of single and multivalued attributes to Kafka. You can reuse existing Ping Identity sync sources that were created for other Sync Pipes.
To view an example configuration, see the file located at To configure Kerberos authentication for a Kafka sync destination, supply the |
The following objects are required to configure a Kafka sync destination:
-
Kafka cluster external server – Defines the procedure for connecting to a Kafka cluster. The Kafka cluster external server can be referenced from multiple Kafka sync destination configuration objects. The only required property is
bootstrap-server
, which identifies some of the Kafka brokers in the environment.When
use-ssl
is set totrue
, the following configuration changes are made:-
A
trust-manager-provider
is configured to validate the Kafka broker’s SSL certificate. -
A
key-manager-provider
is configured to let the Kafka broker authenticate the PingDataSync Kafka producer.
-
-
Kafka sync destination – References the Kafka cluster external server. The Kafka sync destination must specify the name of the topic to use for publishing messages.
To adjust Kafka messages beyond the mapping, attribute filtering, and other configuration changes that PingDataSync makes, reference one or more of the
KafkaSyncDestinationPlugin
extension points that are implemented by using the Server SDK.
Run the prepare-endpoint-server
command for the PingDirectory sync source.
SSL configuration
The following table identifies the trust-manager-provider
and key-manager-provider
properties of the Kafka cluster external server configuration object, as well as the Kafka configuration properties to which they map.
Configuration Object Type | Configuration Property | Kafka Configuration Property |
---|---|---|
File-based Trust Manager Provider |
|
|
File-based Trust Manager Provider |
|
|
File-based Key Manager Provider |
|
|
File-based Key Manager Provider |
|
|
File-based Key Manager Provider |
|
|