taigrr/nats.docs
1
0
Fork 0
mirror of https://github.com/taigrr/nats.docs synced 2025-01-18 04:03:23 -08:00
Code Issues Projects Releases Wiki Activity
nats.docs/nats_server/auth_intro.md
Alberto Ricart b2b60e92e1 allow/deny
2019-05-20 11:59:18 -05:00

65 lines
2.1 KiB
Markdown
Raw Blame History

# Authentication
The NATS server provides various ways of authenticating clients:
- Token Authentication
- Username/Password credentials
- TLS Certificate
- NKEY with Challenge
- JWTs with Challenge
Authentication deals with allowing a NATS client to connect to the server.
With the exception of JWT authentication, authentication and authorization configuration is in the `authorization` block of the configuration.
## Authorization Map
The `authorization` block provides _authentication_ configuration as well as _authorization_:
| Property | Description |
| :------ | :---- |
| [`token`](tokens.md) | Specifies a token that can be used to authenticate to the server |
| [`user`](username_password.md) | Specifies a single user name for clients to the server |
| [`password`](username_password.md) | Specifies a single password for clients to the server |
| `users` | A list of `user` configuration maps |
| `timeout` | Maximum number of seconds to wait for client authentication |
### User Configuration Map
A `user` configuration map specifies credentials and permissions options for a single user:
| Property | Description |
| :------ | :---- |
| [`user`](username_password.md) | username for client authentication |
| [`password`](username_password.md) | password for the user entry |
| [`nkey`](nkey_auth.md) | public nkey identifying an user |
| `permissions` | permissions map configuring subjects accessible to the user |
### Permissions Configuration Map
The `permissions` map specify subjects that can be subscribed to or published by the specified client.
| Property | Description |
| :------ | :---- |
| `publish` | subject or list of subjects or permission map the client can publish |
| `subscribe` | subject or list of subjects or permission map the client can publish |
### Permission Map
The `permission` map provides additional properties for configuring subject permissions:
| Property | Description |
| :------ | :---- |
| `allow` | List of subject names that are allowed to the client |
| `deny` | List of subjects that are denied to the client |
Reference in New Issue View Git Blame Copy Permalink