How to use/ enable oAuth2 in spring cloud stream to connect to Solace broker ?


I have implemented spring cloud solace binder to consume messages from Solace Queue.

I am using Azure OAuth and registered the app as well as enabled OAuth on the solace broker.

I am having hard time finding Oauth properties to connect to solace binder.

Referred to various dev tutorials and could only find below properties with basic auth.

    type: solace
             host: tcp://localhost:55555
             msgVpn: default
             clientUsername: default
             clientPassword: default


  • marc
    marc Member, Administrator, Moderator, Employee Posts: 923 admin

    Hi @chatumoh,

    Solace's Spring Cloud Stream binder uses our Spring Boot JCSMP starter to connect to the broker so you can set any properties defined here:

    In the case of OAUTH you'll want to set JCSMPProperties.AUTHENTICATION_SCHEME to JCSMPProperties.AUTHENTICATION_SCHEME_OAUTH, JCSMPProperties.OAUTH2_ACCESS_TOKEN, and JCSMPProperties.OAUTH2_ISSUER_IDENTIFIER.  which can all be set under

    Hope that helps!

  • chatumoh
    chatumoh Member Posts: 7
    edited April 2023 #3

    @marc I did explore JCSMPProperties and added to my project under

    I see JCSMPProperties.OAUTH2_ACCESS_TOKEN expects the token value when i set  JCSMPProperties.AUTHENTICATION_SCHEME to AUTHENTICATION_SCHEME_OAUTH2 retrieved from token endpoint from auth provider which is Azure in my case.

    But i am wondering if sessionHandling i.e. injecting new access token and requesting one when expired would be implicitly handled by SpringJCSMPFactory once client / solace consumer is connected to binder Or how do i manage it on my own in the app?

    Also,  JCSMPProperties.AUTHENTICATION_SCHEME: AUTHENTICATION_SCHEME_OAUTH2 is only supported since v3.4 & i am getting error that AUTHENTICATION_SCHEME_BASIC, AUTHENTICATION_SCHEME_CLIENT_CERTIFICATE,AUTHENTICATION_SCHEME_GSS_KRB" are only supported schemes for solace binder versions lower than v3.4. How can i connect to solace binder with Oauth2 for lower version e.g. v3.2