Neo4j

thomas_stuempfi · ‎04-29-2019

Hi there,
is anyone aware of an oauth2 implementation for neo4j?
I am only aware of ldap is available. But I would like to authenticate through keycloak and oauth2/JWT.

this would then allow for end to end user idendification and complete tracability from client (browser) over busniness servers (e.g. node.js/spring/.net) down to database level (neo4j).

regards
Thomas

kees_vegter · ‎05-13-2019

Hi Thomas,

I do not know of an oauth2 authentication for neo4j.
What I normally see is that the application layer has it's own user system and connects only with the database with one or two neo4j-user accounts. In this scenario you can pass the application-user information to the neo4j transaction metadata which can be logged (query logging) for audit and traceability.

regards

stefan_armbrust · ‎05-13-2019

As @kees.vegter already mentions, there's no oauth2 implementation out of the box for database users. However the authentication/authorization component is flexible and you can provide your own implementation featuring oauth2. See https://neo4j.com/docs/java-reference/3.5/extending-neo4j/security-plugins/ for details on APIs.

thomas_stuempfi · ‎05-13-2019

Hi Kees, Stefan,
thank you very much for the reply. I will try to write my own module.
I'll post some of my outcomes and questions here.
Probably this will be a feature like ldap but for more internet oriented use case/or b2b use cased.

regards
Thomas

Neo4j

OAuth2/JWT