Oct 24, 2023
5 min read

Secure Your Pulsar Cluster with Revocable API Keys

Vik Narayan
Product Manager, StreamNative

Before you can send or consume a single message from a Pulsar cluster, you first must connect to it. It’s important to do so in a way that’s both flexible and secure, protecting against unauthorized access without limiting your developer team to a small set of tools/clients. To that end, I’m excited to announce StreamNative’s latest feature, now in Public Preview: StreamNative API Keys. StreamNative API Keys are JWT-based tokens enable Pulsar clients to connect to Pulsar clusters on StreamNative. They are long-lived, with a configurable expiration date, and revokable at any time via the StreamNative Console - a feature that’s only available on StreamNative Hosted and BYOC Pulsar clusters, not open source ones. StreamNative API keys offer both a flexible authentication solution that can work with any client, and a revokable key that can be rotated on a regular interval for security and compliance, or immediately revoked in the event of a security incident.

Secure and Easy to Manage

StreamNative API keys can be created and managed from within the StreamNative console, to easily grant and revoke API access to users, applications, or third-party services. Create a key by specifying a service account, instance, and expiration date.

It is also straightforward to rotate keys by setting an expiration date on a key, or by manually revoking a key and replacing it with a new one. This enables teams to comply with regulations, and keep your organization secure.

Works Everywhere

Because StreamNative API Keys are JWT-based, using them with a Pulsar client is as simple as copy-pasting them wherever you use token-based authentication. That also means that you don’t have to worry about whether a client supports OAuth2.0 - these API keys will work everywhere. See the snippet below for how it works:

import pulsar

client = pulsar.Client("pulsar+ssl://cluster-url-here:6651",authentication=pulsar.AuthenticationToken("paste-your-token-here"))
producer = client.create_producer("persistent://public/default/test")
for i in range(10):
    producer.send(('Hello-%d' % i).encode('utf-8'))



StreamNative API Keys represent a big step forward in our ongoing commitment to security and customer satisfaction. We know security is a constant effort, and we’re just getting started - we will continue to invest in cutting-edge technologies and features to stay ahead of evolving threats. For more information about creating and using API keys, check out our documentation. If you’d like to try StreamNative API Keys while it’s in Public Preview before it’s generally available, get in touch!

Vik Narayan
Product Manager, StreamNative


Our strategies and tactics delivered right to your inbox

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Product Announcements