OK, sounds promising. I then started to look for sample code that uses a C# library to authenticate with an OAuth 2.0 token obtained from Azure AD, but I didn't find anything, so I decided to create my own sample code. The best .NET Kafka library I found out there was "Confluent.Kafka".
This means that if you are running your Kafka client within an Azure compute service (VMs, Functions, App Services, AKS Pods, Container Instances, etc.) that supports "Managed Identities", the complexity of handling and rotating the secret is managed directly by the platform.
In a nutshell: it can leverage environment variables (as I did for my debugging session), Managed Identities, or other developer-friendly types of authentication.
The takeaway here is that, by using that identity library, you do not have to change your code when moving from debugging to production, and in production you can leverage Managed Identity whenever it is available in your execution environment (VMs, AppWeb, Functions, AKS Pods, Container Instances).
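As an added illustration (not the sample code from this post), the following shows one way to wire the Azure.Identity credential chain into Confluent.Kafka's OAUTHBEARER refresh callback, so the same code uses environment variables while debugging and a Managed Identity in Azure. It assumes `DefaultAzureCredential` is the credential type in use; the namespace host, the topic name `test-topic` and the principal name `eventhubs-client` are placeholders.

```csharp
using System;
using System.Threading;
using Azure.Core;
using Azure.Identity;
using Confluent.Kafka;

class Program
{
    // Placeholder (assumption): replace with your Event Hubs namespace host.
    const string EventHubsHost = "<your-namespace>.servicebus.windows.net";

    static void Main()
    {
        // Tries environment variables, Managed Identity and developer logins in turn,
        // so nothing changes between a workstation and Azure compute.
        TokenCredential credential = new DefaultAzureCredential();
        var scopes = new[] { $"https://{EventHubsHost}/.default" };

        var config = new ProducerConfig
        {
            BootstrapServers = $"{EventHubsHost}:9093",   // Kafka endpoint of Event Hubs
            SecurityProtocol = SecurityProtocol.SaslSsl,
            SaslMechanism = SaslMechanism.OAuthBearer
        };

        using var producer = new ProducerBuilder<Null, string>(config)
            // Called by the client whenever it needs a new token.
            .SetOAuthBearerTokenRefreshHandler((client, _) =>
            {
                try
                {
                    AccessToken token = credential.GetToken(
                        new TokenRequestContext(scopes), CancellationToken.None);
                    // The expiry is passed as Unix epoch milliseconds.
                    client.OAuthBearerSetToken(
                        token.Token, token.ExpiresOn.ToUnixTimeMilliseconds(), "eventhubs-client");
                }
                catch (Exception ex)
                {
                    // Report the failure so the client can retry the refresh later.
                    client.OAuthBearerSetTokenFailure(ex.Message);
                }
            })
            .Build();

        // "test-topic" is a hypothetical event hub name.
        producer.Produce("test-topic", new Message<Null, string> { Value = "hello" });
        producer.Flush(TimeSpan.FromSeconds(10));
    }
}
```

No secret appears in the configuration: the only credential material is the short-lived access token, which the handler fetches again each time the client asks for a refresh.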
Executing the sample
OK, so we have a .NET C# sample that grabs a token from Azure AD, creates a Kafka producer and simulates some data flow toward Event Hub: