KIP-1246 — Deprecate backdoor that allows any client to produce to internal topics
Discussion, Security, Broker
Deprecates the backdoor mechanism that allows any client with clientId __admin_client to produce to internal topics (e.g. __consumer_offsets, __transaction_state) without authorization checks, with removal planned for Kafka 5.0. This bypass poses a security and operational risk: malicious or misconfigured clients can corrupt internal topic state with no differentiation from legitimate admin tooling.
Details
| Author | TaiJuWu |
| Status | Discussion |
| JIRA | KAFKA-5246 |
| Created | 2025-11-28 |
| Last Modified | 2025-12-07 |