Event streaming platforms like Kafka were built to move data fast. Their native authentication mechanisms were designed to secure broker-to-broker communication — not the multitude of consumers and applications now connecting to them from outside the cluster. The result is a common workaround: static credentials distributed to every client, with limited ability to rotate them, audit them, or enforce granular access based on who the caller actually is.
Kong Event Gateway already addresses part of this by acting as a security perimeter — terminating client connections at the edge, enforcing policy, and shielding brokers from direct exposure. The Kong Identity principals directory extends this by providing a persistent identity record that travels with every request. When a client connects, Kong Event Gateway can look up that principal, pull in structured metadata, like team ownership, environment, agent type, and custom identifiers, to make that context available to policy expressions in real time.
The practical effect: access control for event traffic can evolve from coarse credential checks to identity-aware policy. An AI agent consuming a sensitive topic can be authenticated, enriched with metadata about its role and ownership, and evaluated against fine-grained ACLs (access control lists) — all before reaching the broker.
Take an inventory modeling agent that needs to read from Kafka topic and call two internal APIs. The agent is provisioned as a principal with a unique identity type, tagged with metadata (owning team, environment, agent purpose). When connecting to the Kong Event Gateway, that meta-data is part of the authentication policy decision that this agent gets to read the forecasting topic in production and nothing else. Rotating credentials next quarter is one directory operation, not a separate set of support tickets with one to rotate Kafka ACLs and the other to rotate Gateway API keys. If the Agent's behavior ever looks wrong, every action it took is in the same audit trail and there is a single point to shut it down.
For organizations running event-driven architectures at scale, the principals directory closes the gap between the security model applied to API traffic and the one applied to event traffic — making both consistently governed by the same identity layer.