Head's Up! These forums are read-only. All users and content have migrated. Please join us at community.neo4j.com.
04-29-2019 05:51 AM
Hi there,
is anyone aware of an oauth2 implementation for neo4j?
I am only aware of ldap is available. But I would like to authenticate through keycloak and oauth2/JWT.
this would then allow for end to end user idendification and complete tracability from client (browser) over busniness servers (e.g. node.js/spring/.net) down to database level (neo4j).
regards
Thomas
05-13-2019 07:30 AM
Hi Thomas,
I do not know of an oauth2 authentication for neo4j.
What I normally see is that the application layer has it's own user system and connects only with the database with one or two neo4j-user accounts. In this scenario you can pass the application-user information to the neo4j transaction metadata which can be logged (query logging) for audit and traceability.
regards
05-13-2019 09:07 AM
As @kees.vegter already mentions, there's no oauth2 implementation out of the box for database users. However the authentication/authorization component is flexible and you can provide your own implementation featuring oauth2. See https://neo4j.com/docs/java-reference/3.5/extending-neo4j/security-plugins/ for details on APIs.
05-13-2019 10:03 AM
Hi Kees, Stefan,
thank you very much for the reply. I will try to write my own module.
I'll post some of my outcomes and questions here.
Probably this will be a feature like ldap but for more internet oriented use case/or b2b use cased.
regards
Thomas
All the sessions of the conference are now available online