java.lang.Object
io.confluent.kafka.schemaregistry.client.security.bearerauth.oauth.UamiCredentialProvider
All Implemented Interfaces:
BearerAuthCredentialProvider, Closeable, AutoCloseable, org.apache.kafka.common.Configurable

public class UamiCredentialProvider extends Object implements BearerAuthCredentialProvider
UamiCredentialProvider is a BearerAuthCredentialProvider that authenticates to Schema Registry using an Azure User Assigned Managed Identity (UAMI).

It retrieves a bearer token from the Azure Instance Metadata Service (IMDS) using UamiJwtRetriever, caches the token via CachedOauthTokenRetriever, and proactively refreshes it before expiry using OauthTokenCache.

Required configuration:

Optional configuration:

To activate, set:

   bearer.auth.credentials.source=UAMI
   bearer.auth.issuer.endpoint.query=api-version=2025-04-07&resource=...&client_id=...