DOCS-71:Update authentication.adoc

[Feediver1]

Most updates from https://github.com/redpanda-data/docs/pull/1272/files (now Closed) were implemented in #1298. This PR captures the point about TLS, and the Note, which are still of value.

Description

Resolves DOC-71 and DOC-401
Review deadline:

Page previews

Basic authentication

Checks

• New feature
• Content gap
• Support Follow-up
• Small fix (typos, links, copyedits, etc)

[netlify]

✅ Deploy Preview for redpanda-docs-preview ready!

Name	Link
🔨 Latest commit	71251ab
🔍 Latest deploy log	https://app.netlify.com/projects/redpanda-docs-preview/deploys/689f57a8466a07000889e638
😎 Deploy Preview	https://deploy-preview-1317--redpanda-docs-preview.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[coderabbitai]

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

📝 Walkthrough

Walkthrough

This PR updates documentation in modules/manage/partials/authentication.adoc. It adds notes recommending TLS when enabling HTTP Basic authentication and clarifies that the http_authentication cluster property accepts BASIC and OIDC. It distinguishes BASIC from the broker listener setting http_basic and explains the separation between cluster-wide http_authentication and per-listener authentication_method. Clarifications are applied across sections covering Basic authentication, OIDC-enabled HTTP APIs, Admin/API sections, and HTTP API configuration examples. No code changes or behavioral modifications are introduced.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~7 minutes

Assessment against linked issues

Objective	Addressed	Explanation
Encourage use of TLS when HTTP Basic Auth is enabled (DOC-71)	✅
Clarify OIDC docs: distinguish http_authentication BASIC/OIDC vs http_basic; clarify authentication_method usage (DOC-401)	❓	Clarifications added in authentication.adoc, but broker properties reference for authentication_method appears missing.

Possibly related PRs

• Doc 1500 ephemeral auth #1210 — Also modifies authentication.adoc around HTTP auth configuration; likely related to similar clarifications.

Suggested reviewers

• BenPope
• paulohtb6

✨ Finishing Touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch Feediver1-patch-3

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (3)

modules/manage/partials/authentication.adoc (3)

1382-1383: Strengthen TLS guidance for Basic Auth and link to TLS docs

Recommend explicitly why TLS is needed and link to the TLS doc to make the guidance actionable.

Apply this diff:

-NOTE: Redpanda Data recommends that you use TLS when enabling HTTP Basic Auth.
+NOTE: Redpanda recommends using TLS whenever HTTP Basic Auth is enabled. Basic authentication sends credentials in every request (Base64-encoded only), so use HTTPS on all non-local listeners. See xref:{tls-doc}[].

---

1595-1596: Repeat the clarified note here (or reference a shared partial) and add both xrefs

Same clarification as above; either keep the note duplicated (fine for reader convenience) or replace both instances with a single reusable partial to enforce consistency over time. Also add the PandaProxy anchor.

Apply this diff to align the wording and links:

-NOTE: Valid values for the cluster configuration property xref:reference/properties/cluster-properties.adoc#http_authentication[`http_authentication`] are `BASIC` and `OIDC`. Note that the value `BASIC` is different from the `http_basic` value, which enables authentication for the listener using the broker configuration property `authentication_method`.
+NOTE: Valid values for the cluster configuration property xref:reference/properties/cluster-properties.adoc#http_authentication[`http_authentication`] (cluster-wide) are `BASIC` and `OIDC`. The value `BASIC` here is different from the per-listener setting `http_basic`, which enables authentication on a listener via the broker property `authentication_method` (see xref:reference:properties/broker-properties.adoc#schema_registry_auth_method[] and xref:reference:properties/broker-properties.adoc#http_proxy_auth_method[]).

Optional: If you prefer de-duplication, consider creating a short partial (for example, modules/manage/partials/_http-auth-note.adoc) with this admonition and include it in both places.

Use the same verification script from the previous comment to confirm anchor IDs.

---

1357-1357: Fix minor typo: duplicate “see”

Small copyedit.

-For a complete list of all Admin API endpoints, see see xref:api:ROOT:admin-api.adoc[].
+For a complete list of all Admin API endpoints, see xref:api:ROOT:admin-api.adoc[].

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 9652a13 and af2533e.

📒 Files selected for processing (1)

• modules/manage/partials/authentication.adoc (3 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

• GitHub Check: Redirect rules - redpanda-docs-preview
• GitHub Check: Header rules - redpanda-docs-preview
• GitHub Check: Pages changed - redpanda-docs-preview

[Feediver1]

Fixed the links @BenPope