Docs » Get started with the Splunk Distribution of the OpenTelemetry Collector » Collector components » Collector components: Extensions » Authenticator - Bearer extension

Edit this page
Learn how

---

Authenticator - Bearer extension

The bearertokenauth extension implements both configauth.ServerAuthenticator and configauth.ClientAuthenticator. It can be used in both http and gRPC exporters inside the auth settings to embed a static token for every RPC call made.

The following is required:

• You need to set the authenticator type to bearertokenauth.

• You need to enable transport layer security on the exporter.

Get started

Follow these steps to configure and activate the component:

1. Deploy the Splunk Distribution of the OpenTelemetry Collector to your host or container platform:

• Install the Collector for Linux with the installer script

• Install the Collector for Windows with the installer script

• Install the Collector for Kubernetes using Helm

2. Configure the bearertokenauth extension as described in the next section.

3. Restart the Collector.

Configuration options

The following configuration options are available:

• filename. Name of file that contains the authorization token sent in every client call.

• token. Static authorization token sent on every gRPC client call as metadata. The value of the token is prepended by ${scheme} before being sent as a value of the authorization key in the request header (for HTTP) and metadata (for gRPC).

Note

Either filename or token are required. If both are specified, then the token field value is ignored.

Optionally, you can also configure:

• scheme. Bearer by default. Specifies the auth scheme name.

Sample configuration

To activate the component add bearertokenauth to the extensions section of your configuration file and include the extension in any pipeline of the service section. For example:

extensions:
  bearertokenauth:
    token: "somerandomtoken"
    filename: "file-containing.token"
  bearertokenauth/withscheme:
    scheme: "Bearer"
    token: "randomtoken"

receivers:
  hostmetrics:
    scrapers:
      memory:
  otlp:
    protocols:
      grpc:

exporters:
  otlp/withauth:
    endpoint: 0.0.0.0:5000
    ca_file: /tmp/certs/ca.pem
    auth:
      authenticator: bearertokenauth

  otlphttp/withauth:
    endpoint: http://localhost:9000
    auth:
      authenticator: bearertokenauth/withscheme

service:
  extensions: [bearertokenauth, bearertokenauth/withscheme]
  pipelines:
    metrics:
      receivers: [hostmetrics]
      processors: []
      exporters: [otlp/withauth, otlphttp/withauth]

Settings

The following table shows the configuration options for the extension:

Troubleshooting

If you are a Splunk Observability Cloud customer and are not able to see your data in Splunk Observability Cloud, you can get help in the following ways.

Available to Splunk Observability Cloud customers

• Submit a case in the Splunk Support Portal .

• Contact Splunk Support .

Available to prospective customers and free trial users

• Ask a question and get answers through community support at Splunk Answers .

• Join the Splunk #observability user group Slack channel to communicate with customers, partners, and Splunk employees worldwide. To join, see Chat groups in the Get Started with Splunk Community manual.

This page was last updated on Feb 11, 2025.

---

❮

Previous

Basicauth extension

Next

Docker Observer extension

❯

---

• API docs
• Blog
• Training
• Free Trial