Archive for the 'HowTo Security' Category

OIDC Integration

July 22, 2022 by Marcial Rosales
Today when we use the rabbitmq-management with the rabbitmq_auth_backend_oauth2 plugin, the only supported Authorization server is UAA, making it difficult to connect to other OAuth 2.0 servers. Additionally, rabbitmq-management plugin uses the OAuth 2.0 implicit flow which is no longer recommended for security reasons. RabbitMQ 3.11 will support practically any Authorization server compliant with OpenID Connect and OAuth 2.0 protocols. Furthermore, OAuth 2.0 authorization code grant becomes the default grant and implicit grant is no longer supported.