How to secure our OpenTelemetry Endpoint with Keycloak?
It would be great if any of the community members can help.
Thanks!
I am trying to secure the OpenTelemetry Endpoint with Keycloak. Requirement: I have exposed an OTLP/HTTP Otel endpoint publicly for receiving telemetry data from other sources. And to make it secure, I am integrating it with Keycloak.
I have tried to integrate it, added some configuration code in otel-collector-gateway as well.. and created client in keycloak.. And now when I access the endpoint, its says UNAUTHORISED.
But its not giving any Keycloak page to enter credentials nor token. I am not sure where I went wrong.
Expectation: When I hit the endpoint, it should ask for Keycloak credentials/token for auth and after entering valid creds, it should work.
Thanks for commenting.
I was taking the reference of the same blog by you sir Juraci Paixão Kröhling.
Ref Link : https://medium.com/opentelemetry/securing-your-opentelemetry-collector-1a4f9fa5bd6f
What I found out is when we write the oidc extensions block in otel-config:
extensions:
oidc:
issuer_url: http://{YOUR-KEYCLOAK-URL}/realms/{YOUR-REALM-NAME}
audience: {YOUR-KEYCLOAK-CLIENT-NAME}
attribute: Authorization
"A" in Authorization should be capital, and in the blog by you sir Juraci Paixão Kröhling, it was small so that is why I ran out in the problem but after this it is working well.
Thanks!