# Kafka Connection

The **Kafka Connection** module allows users to configure and manage connections to external Kafka brokers. These connections are used to publish data from Infraon workflows to Kafka topics.

This module serves as the foundation for Kafka-based integrations, enabling workflow events to trigger real-time data publishing to external systems.

## **What you see on the screen**

* List of configured Kafka connections
* Columns:
  * Name – Identifier of the Kafka connection
  * Bootstrap Servers – Kafka broker endpoint(s)
  * Security Protocol – Connection type (e.g., SASL, SSL)
  * Status – Active / Inactive
  * Creation Time – Timestamp of creation
  * Action – Edit / Delete options
* Add the **Kafka Connection** button to create a new connection

![](/files/372d8e9a98f81bbf8b561c84c9a8ed7e8c770bcb)

## **How does it work**

1. A Kafka connection is created by providing:

* Broker details (Bootstrap Servers)
* Security configuration (SSL, SASL, etc.)
* Authentication credentials (if required)

2. The connection can be:

* Tested to verify connectivity
* Activated or deactivated

3. Once active, the connection becomes available in the Workflow module.
4. In workflows:

* A **Kafka Integration** action is added
* The user selects the Kafka connection
* Available topics are fetched dynamically

5. When the workflow is executed:

* Data is published to the selected Kafka topic(s)
* External systems consume this data

6. System tracks:

* Success or failure of message publishing
* Logs in workflow execution and recent activities

{% hint style="info" %}

* Only **active Kafka connections** are available for workflow usage
* Supports multiple **security protocols** (SSL, SASL, etc.)
* Enables **event-driven** data publishing from workflows
* Provides audit logs for connection changes
* Ensures validation and error handling during execution
  {% endhint %}

## **Add Kafka Connection**

* To create a new Kafka connection, click **Add Kafka Connection** located at the top right corner of the page.

![](/files/c873493ed43974db639ccab11a733bdd5a72eee6)

* This opens the Add Kafka Connection panel, where you can configure broker details, security settings, and authentication required to establish communication with the Kafka cluster.

**Configuration Details |** Kafka Connection

<table><thead><tr><th width="181.00006103515625">Label</th><th width="121.79998779296875">Action</th><th>Description / Example</th></tr></thead><tbody><tr><td><strong>Connection Name *</strong></td><td>Enter value</td><td>Specify a unique and identifiable name for the Kafka connection.<br><br><strong>Example:</strong> Ticket_Event_Stream, Production_Kafka</td></tr><tr><td><strong>Brokers *</strong></td><td>Enter value</td><td>Enter the Kafka broker endpoint(s) in “<strong>host: port”</strong> format. These brokers act as entry points to the Kafka cluster and are used to establish the connection.<br><br>Multiple brokers can be provided (comma-separated) to ensure high availability and fault tolerance.<br><br><strong>Example:</strong> 192.168.1.10:9092, kafka-prod:9092</td></tr><tr><td><strong>Status</strong></td><td>Toggle on/off</td><td>Enables or disables the Kafka connection.<br><br>When <strong>enabled (Active),</strong> the connection becomes available for selection in workflow actions.<br><br>When <strong>disabled (Inactive),</strong> it is hidden from workflow configuration but remains saved in the system.</td></tr><tr><td><strong>Security Type *</strong></td><td>Select option</td><td><p>Defines the communication protocol and authentication mechanism used to connect with the Kafka cluster.<br><br>This selection dynamically controls which additional fields are required (such as credentials or certificates).<br><br><strong>Available options include:</strong><br></p><ul><li>None</li><li>Plaintext</li><li>SASL (Plaintext)</li><li>SSL</li><li>SASL (SSL)</li></ul></td></tr></tbody></table>

<figure><img src="/files/ec64a9dae5a0145a24c588979c2bedbe2457578e" alt=""><figcaption></figcaption></figure>

The fields displayed in the configuration form change dynamically based on the selected **Security Type**. This ensures that only relevant authentication details are required.

Field Behavior **| Security Type**

<table><thead><tr><th width="153.79998779296875">Security Type</th><th width="120.99993896484375">Additional Fields</th><th>Description</th></tr></thead><tbody><tr><td><strong>None</strong></td><td>None</td><td>No authentication or encryption is applied. The connection is established without any security layer. Suitable only for trusted internal environments without enforced security.</td></tr><tr><td><strong>Plaintext</strong></td><td>None</td><td>Similar to “None”, but explicitly indicates communication over an unencrypted channel. Data is transmitted as plain text without encryption or authentication.</td></tr><tr><td><strong>SSL</strong></td><td>Certificate</td><td>Enables encrypted communication between Infraon and Kafka using SSL/TLS. A valid certificate key must be provided to establish a secure connection. No username/password authentication is required.</td></tr><tr><td><strong>SASL (Plaintext)</strong></td><td>Username, Password</td><td>Enables SASL-based authentication without encryption. Credentials are required to authenticate with the Kafka broker, but communication is not encrypted.</td></tr><tr><td><strong>SASL (SSL)</strong></td><td>Username, Password, Certificate</td><td>Provides both authentication and encryption. Requires valid credentials (username/password) along with an SSL certificate. This is the most secure option and recommended for production environments.</td></tr></tbody></table>

<figure><img src="/files/e7ae5bd741f217ce0b5289f540358fd3395298f9" alt=""><figcaption></figcaption></figure>

* Click **Test** to validate the Kafka connection using the provided configuration details. The system attempts to establish a connection with the Kafka broker and verifies credentials, security settings, and network accessibility.

{% hint style="success" %}
**On success:** A confirmation message is displayed
{% endhint %}

{% hint style="danger" %}
**On failure:** An error message is shown with details for troubleshooting
{% endhint %}

* Click **Save** to store the Kafka connection configuration. Once saved:
  * The connection becomes available in workflow actions (if marked Active)
  * It can be selected in the Kafka Integration workflow card
  * Configuration changes are tracked in audit logs

{% hint style="info" %}

* It is recommended to **Test** the connection before saving
* Only Active connections are available in the workflow configuration
* Internal Kafka topics (e.g., consumer\_offsets) are automatically excluded
* All create, update, and delete actions are recorded in Audit Logs
  {% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.infraon.io/infraon-help/infinity-user-guide/infraon-configuration/general-settings/kafka-connection.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.