The code "AccessTokenRetrieverFactory" uses the "jaasConfig"'s for the properties used for building the socket factory.
Shouldn't "jou.createSSLSockerFactor()" use the kafka configs for sasl/ssl overrides? I am looking to do "oauthbearer.ssl.protocol=TLSv1.2" -- but no luck - I have tried many variations and in looking at the code I *think* it is trying to use JAAS properties not the kafka configurations for this. I am confused by this so I don't want to open a ticket if I am mis-understanding how overrides should work for oauthbearer Thanks, Neil JaasOptionsUtils jou = new JaasOptionsUtils(jaasConfig); String clientId = jou.validateString(CLIENT_ID_CONFIG); String clientSecret = jou.validateString(CLIENT_SECRET_CONFIG); String scope = jou.validateString(SCOPE_CONFIG, false); SSLSocketFactory sslSocketFactory = null; if (jou.shouldCreateSSLSocketFactory(tokenEndpointUrl)) sslSocketFactory = jou.createSSLSocketFactory();