Once an energy device or service has been successfully connected to the Energy Hub Alliance, it generates streaming messages that can be received by connecting your application to the streaming service. Currently, the supported streaming technology is Kafka. Traffic between the Kafka consumer and the EHA Kafka broker is transported via the TLS protocol. An additional security measure is the use of the SASL protocol for authentication. Therefore, the Kafka consumer must be configured with multiple parameters to connect to and read notifications from the EHA streaming service. Specifically, the SASL_SSL security protocol supported by Kafka is used. To consume messages, you need a Kafka message consumer, proper consumer configuration, credentials, and your client system must trust the Let’s Encrypt trust chain. The consumer configuration includes the URL of the EHA broker, the topic name, and the credentials. Topics are separated by subscription ID, and security policies ensure that only you can access your subscriptions. Each topic you can receive notifications from is dedicated to a specific subscription. Therefore, you must request specific streaming client credentials for each subscription. Once you have collected all the streaming credentials for a subscription, you will be able to connect to all its associated topics.
Streaming credentials are obtained via the Partner Portal.

Authentication

The EHA streaming service supports OAuth for authentication across all its Kafka topics. The EHA Kafka broker supports SASL/OAUTHBEARER authentication — a SASL-based mechanism for authenticating clients using OAuth tokens based on the JSON Web Token (JWT) standard, as specified in RFC 7519. You can use the SASL/OAUTHBEARER mechanism to authenticate your Kafka clients.