Authentication via oAuth/OpenID/jwt token

[geraldvienna]

I have an application running on AWS which supports multi-tenancy.
The user logs in to AWS Cognito via oAuth/OpenId and gets a jwt token which is every where in the system to get permission to the service.

I would like to integrate now Apache Doris in my application but my first question is how can I authenticate to Apache Doris via a jwt token or user federation or oAuth (any answer will help)?

[morningman]

Doris currently not support jwt authentication.
But we are working on Pluggable Authentication framework.
Base on this, we may adding some new authentication method in future.
#40113

[geraldvienna]

Thx for your answer.

Will this also be integrated in "Create external tables" statement? Because atm the S3 access and secret keys needs to be hard coded which violates a lot of security rules and also regulator does not like it. (See https://doris.apache.org/docs/gettingStarted/tutorials/building-lakehouse/doris-iceberg/ how its done today in 3.0).

Usually we need to rotate such keys so in case you have there any improvement too that would open Doris more to the enterprise world (imho).