-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Auth-context available for use in export-config #4814
Comments
@bogdandrutu, @tigrannajaryan, do you think we could change the confighttp to accept a notation like |
@jpkrohling how will this work? We don't maintain the context in batch processor or in queued_retry, so the incoming context won't be available in the exporters, right? |
We don't yet, but I do plan on working on that soon (#4544). |
@tigrannajaryan we do maintain the context in |
@DennisGlindhart does open-telemetry/opentelemetry-collector-contrib#12892 resolve this issue for you? |
@kovrus Reading the README it would seem so, yes. This configuration should fill the username from auth into User-ID header when sending to exporter if I understand correctly.
There is still the batch-limitation (Nice to have), but I guess in the future relying on the same work mentioned earlier could solve that? (#4544). |
That's correct. See #5733 (comment), it could be potentially temporal workaround. @jpkrohling can you please close this issue? |
When using a (Server)Authentication extension for OTEL-Collector (i.e. basic auth, oidc etc. from contrib), I would like it to be possible to somehow extract the username (or other auth-data/claim) and use it in i.e. exporter-headers.
The auth context seems to be returned from the extension in authenticate-method ( https://github.com/open-telemetry/opentelemetry-collector-contrib/blob/main/extension/oidcauthextension/extension.go#L136 ) so it should already be available in the context.
Describe the solution you'd like
Ability to use the auth context in exporter-config.
Additional context
One use case here could be to have only a singe OTEL-collector running on multitenant server/cluster-node etc and let software authenticate with the OTEL-collector and be exported with Multitentenancy-header (in this example Scope-header used Grafana Tempo/Loki).
The text was updated successfully, but these errors were encountered: