Akka grpc custom authentication

(Ze97286) #1

Hello,

I’d like to be able to hook up custom authentication mechanism to my server grpc server - at the connection level. Basically what I want to have is the server sending a challenge to the client and the client returning the challenge (signed), server verifying and connection established.

Is there an easy way of doing that with akka grpc/http2?

Thanks!

(Arnout Engelen) #2

I think I would suggest using HTTPS and client certificates (mutual TLS) for this. This is a common way to secure gRPC connections, also recommended e.g. on https://grpc.io/docs/guides/auth.html.

If you really want something custom on top of HTTP, you can integrate an Akka gRPC handler in regular Akka HTTP directives. You can find an example of that (though implementing a completely different kind of auth) at https://github.com/akka/akka-grpc/pull/544/files