You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Recent changes in Iceberg REST deprecated the oauth2 endpoint as part of the REST spec. Instead, the OAuth2 endpoint of the IdP should be used.
Extract from the updated spec:
The oauth/tokens endpoint is DEPRECATED for REMOVAL. It is not recommended to implement this endpoint, unless you are fully aware of the potential security implications.
All clients are encouraged to explicitly set the configuration property oauth2-server-uri to the correct OAuth endpoint.
It would be great to make the oauth2 server uri configurable by adding a iceberg.catalog.oauth2.server-uri configuration for the Iceberg Rest Catalog.
While on it, it might make sense to also rename the credential configuration property from iceberg.catalog.credential to iceberg.catalog.oauth2.credential as oauth2 might not be the only auth mechanism in the future. trino, presto and spark all use a nested oauth2 prefix, which might be a good orientation. They are also more precise in naming the properties iceberg.rest.xxx.xxx, as iceberg also supports other catalogs than rest.
The text was updated successfully, but these errors were encountered:
Enhancement
Recent changes in Iceberg REST deprecated the oauth2 endpoint as part of the REST spec. Instead, the OAuth2 endpoint of the IdP should be used.
Extract from the updated spec:
It would be great to make the oauth2 server uri configurable by adding a
iceberg.catalog.oauth2.server-uri
configuration for the Iceberg Rest Catalog.While on it, it might make sense to also rename the credential configuration property from
iceberg.catalog.credential
toiceberg.catalog.oauth2.credential
as oauth2 might not be the only auth mechanism in the future. trino, presto and spark all use a nestedoauth2
prefix, which might be a good orientation. They are also more precise in naming the propertiesiceberg.rest.xxx.xxx
, as iceberg also supports other catalogs than rest.The text was updated successfully, but these errors were encountered: