What is SaslAuthenticate?
Carries the raw SASL exchange bytes after SaslHandshake, with content specific to the mechanism (GSSAPI token, OAUTHBEARER JWT, SCRAM challenge-response, etc.). The response includes session lifetime for token-based mechanisms like OAUTHBEARER, so the client knows when to re-authenticate.
Wire Diagram
Response Header
message_size
int32 · 4B
correlation_id
int32 · 4B
SaslAuthenticateResponse v0
ErrorCode
int16 · 2B
ErrorMessage?
string
AuthBytes
bytes
Schema & Example
Schema { "ErrorCode": int16, "ErrorMessage": string?, "AuthBytes": bytes }
Example { "ErrorCode": 0, "ErrorMessage": "NETWORK_EXCEPTION", "AuthBytes": "<binary>" }