mirror of
https://github.com/taigrr/nats.docs
synced 2025-01-18 04:03:23 -08:00
28f7c2f1b4
* Typos in prose * Typo fix in copy/paste (dropped a letter) * markup fix: keep list within quoted text * Auto-corrupt cleanup: Jason to JSON * gateway: multiple typos and language nits * monitoring: add missing leafz, fix subsz spelling
Authentication
The NATS server provides various ways of authenticating clients:
- Token Authentication
- Username/Password credentials
- TLS Certificate
- NKEY with Challenge
- Accounts
- JWTs
Authentication deals with allowing a NATS client to connect to the server. Except for JWT authentication, authentication and authorization are configured in the authorization section of the configuration.
Authorization Map
The authorization block provides authentication configuration as well as authorization:
| Property | Description |
|---|---|
token |
Specifies a global token that can be used to authenticate to the server exclusive of user and password |
user |
Specifies a single global user name for clients to the server exclusive of token |
password |
Specifies a single global password for clients to the server exclusive of `token` |
users |
A list of user configuration maps |
timeout |
Maximum number of seconds to wait for client authentication |
For multiple username and password credentials, specify a users list.
User Configuration Map
A user configuration map specifies credentials and permissions options for a single user:
| Property | Description |
|---|---|
user |
username for client authentication |
password |
password for the user entry |
nkey |
public nkey identifying an user |
permissions |
permissions map configuring subjects accessible to the user |