taigrr/nats.docs
1
0
Fork 0
mirror of https://github.com/taigrr/nats.docs synced 2025-01-18 04:03:23 -08:00
Code Issues Projects Releases Wiki Activity

Added examples for creds and nkey (java only so far)

Browse Source
This commit is contained in:
Stephen Asbury
2019-05-16 15:07:04 -07:00
parent 312697bfa4
commit 615ef54fd1
5 changed files with 83 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
developer/security/creds.md Normal file
View File

@@ -0,0 +1,5 @@
# Authenticating with an NKey
The 2.0 version of NATS server introduced the idea of JWT-based authentication. Clients interact with this new scheme using a user JWT and the private key from an NKey pair. To help make connecting with a JWT easier, the client libraries support the concept of a credentials file. This file contains both the private key and the JWT and can be generated with the `nsc` tool. Given a creds file, a client can authenticate as a specific user belonging to a specific account:
!INCLUDE "../../_examples/connect_creds.html"

7
developer/security/nkey.md Normal file
View File

@@ -0,0 +1,7 @@
# Authenticating with an NKey
The 2.0 version of NATS server introduces a new challenge response authentication option. This challenge response is based on a wrapper we call NKeys which uses ED25519 signing. The server can use these keys in several ways for authentication. The simplest is for the server to be configured with a list of known public keys and for the clients to respond to the challenge by signing it with its private key. This challenge-response insures security by insuring that the client has the private key, but also protects the private key from the server which never has to actually see it.
Handling challenge response may require more than just a setting in the connection options, depending on the client library.
!INCLUDE "../../_examples/connect_nkey.html"