HTTP API Auth and Cluster support

I have a few items I'd like confirmation on regarding the NEO4J (version 4.4.x) HTTP API:

1. What Auth types does the HTTP API support? The documentation only mentions Basic - so does this mean it does not support SSO (Bearer token) Auth?

2. Can I confirm that the HTTP API does not support read-after-write consistency when used in a causal cluster? There appears to be no support for bookmarks?

3. Can I confirm how request routing would work in a causal cluster? E.g., if I have several read replicas, is it possible to route write transactions to core nodes only, or would it potentially try to execute on a read replica?

Very many thanks

Hi,

Did you get an answer to your question about Auth types for HTTP APIs? Restriction to only use basic auth on enterprise environments will prevent users from recommending Neo4j to their IT teams.

@stephen_b2 @sathishkumar

  1. correct. Basic is all that is offered

  2. correct. bookmark support not yet available

  3. with Neo4j 4.4.4 forward and with the usage of access-mode writes will only ever go to a Leader/core node.

Hi @dana_canzano, thanks for the response. Is there a plan to allow other authentication methods in the roadmap? If so, when is this expected for release?

Hello all, I am able to access native HTTP APIs using OAuth2 access tokens by passing the token as password in the basic auth step (with empty username). Thanks @david.pecollet for sharing this solution with me.

Please note as of Neo4j 5.6, the HTTP API supports both Bookmarks (for causal clustering) and Call in Transactions (for batching operations).

Also, to confirm, tokens are accepted in the basic auth password field, if the Neo4j server is configured for OIDC.

Any questions please shout.
Richard
(Product Manager at Neo4j, working on drivers, APIs and security)
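
An added example, not code from any poster in this thread or from Neo4j: one way a client could build a request that carries an OIDC token in the Basic auth password field with an empty username and sets the `access-mode` header mentioned above. The function names, host and token are constructed; the `/db/<name>/tx/commit` path is the HTTP API's transaction-commit endpoint, and the HTTPS-only check is an added precaution because Basic credentials are only base64-encoded.

```python
import base64
import json
import urllib.request
from urllib.parse import urlsplit


def build_tx_request(base_url, database, token, statement, access_mode="WRITE"):
    """Build (without sending) a Neo4j HTTP API transaction request.

    Hypothetical helper: assumes the server is configured for OIDC, as the
    thread states is required for tokens to be accepted.
    """
    if urlsplit(base_url).scheme != "https":
        # base64 is an encoding, not encryption: the token needs TLS.
        raise ValueError("refusing to put a token on a non-TLS URL")
    if access_mode not in ("READ", "WRITE"):
        raise ValueError("access_mode must be READ or WRITE")
    if not token or any(c in token for c in "\r\n"):
        raise ValueError("token is empty or contains line breaks")
    # Empty username, token as password: the credential string is ":<token>".
    credentials = base64.b64encode(b":" + token.encode("utf-8")).decode("ascii")
    body = json.dumps({"statements": [{"statement": statement}]}).encode("utf-8")
    return urllib.request.Request(
        url=f"{base_url.rstrip('/')}/db/{database}/tx/commit",
        data=body,
        method="POST",
        headers={
            "Authorization": "Basic " + credentials,
            "Content-Type": "application/json",
            "Accept": "application/json",
            "access-mode": access_mode,  # routing hint discussed in the thread
        },
    )


def redacted_headers(request):
    """Copy of the request headers that is safe to log (credential removed)."""
    return {
        name: ("<redacted>" if name.lower() == "authorization" else value)
        for name, value in request.header_items()
    }


if __name__ == "__main__":
    # Constructed host and token, for illustration only.
    req = build_tx_request("https://neo4j.example.com:7473", "neo4j",
                           "constructed.token.value", "RETURN 1", "READ")
    print(req.full_url, redacted_headers(req))
```

Pass the returned object to `urllib.request.urlopen` to send it; log only the output of `redacted_headers`, since the raw `Authorization` value decodes directly to the token.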