mirror of
https://github.com/taigrr/nats.docs
synced 2025-01-18 04:03:23 -08:00
40 lines
1.7 KiB
Markdown
40 lines
1.7 KiB
Markdown
# Authentication
|
|
|
|
The NATS server provides various ways of authenticating clients:
|
|
|
|
- [Token Authentication](tokens.md)
|
|
- [Username/Password credentials](username_password.md)
|
|
- [TLS Certificate](tls_mutual_auth.md)
|
|
- [NKEY with Challenge](nkey_auth.md)
|
|
- [Accounts](accounts.md)
|
|
- [JWTs](jwt_auth.md)
|
|
|
|
Authentication deals with allowing a NATS client to connect to the server.
|
|
Except for JWT authentication, authentication and authorization are configured in the `authorization` section of the configuration.
|
|
|
|
## Authorization Map
|
|
|
|
The `authorization` block provides _authentication_ configuration as well as _authorization_:
|
|
|
|
| Property | Description |
|
|
| :------ | :---- |
|
|
| [`token`](tokens.md) | Specifies a global token that can be used to authenticate to the server (exclusive of user and password) |
|
|
| [`user`](username_password.md) | Specifies a single _global_ user name for clients to the server (exclusive of token) |
|
|
| [`password`](username_password.md) | Specifies a single _global_ password for clients to the server (exclusive of `token`) |
|
|
| `users` | A list of user configuration maps |
|
|
| `timeout` | Maximum number of seconds to wait for client authentication |
|
|
|
|
For multiple username and password credentials, specify a `users` list.
|
|
|
|
|
|
## User Configuration Map
|
|
|
|
A `user` configuration map specifies credentials and permissions options for a single user:
|
|
|
|
| Property | Description |
|
|
| :------ | :---- |
|
|
| [`user`](username_password.md) | username for client authentication |
|
|
| [`password`](username_password.md) | password for the user entry |
|
|
| [`nkey`](nkey_auth.md) | public nkey identifying an user |
|
|
| [`permissions`](authorization.md) | permissions map configuring subjects accessible to the user |
|