NATS Docs
NATS Docs
NATS.io
Twitter
Slack
GitHub
Introduction
What's New!
NATS 2.2
NATS 2.0
Compare NATS
FAQ
NATS Concepts
What is NATS
Subject-Based Messaging
Publish-Subscribe
Request-Reply
Queue Groups
Acknowledgements
Sequence Numbers
Developing With NATS
Introduction
Connecting
Automatic Reconnections
Securing Connections
Authenticating with a User and Password
Authenticating with a Token
Authenticating with an NKey
Authenticating with a Credentials File
Encrypting Connections with TLS
Receiving Messages
Sending Messages
Monitoring the Connection
Tutorials
NATS Server
Installing
Running
Clients
Flags
Configuration
Managing A NATS Server
NATS and Docker
JetStream
About JetStream
Concepts
Getting Started
Administration & Usage from CLI
Monitoring
Data Replication
Clustering
Configuration Management
Disaster Recovery
Model Deep Dive
NATS API Reference
Multi-tenancy & Resource Mgmt
NATS Tools
Introduction
nats
nk
nsc
nats-account-server
nats-top
nats-bench
NATS Streaming Concepts
Introduction
Relation to NATS
Client Connections
Channels
Store Interface
Store Encryption
Clustering
Fault Tolerance
Partitioning
Monitoring
Developing With NATS Streaming
Introduction
Connecting to NATS Streaming
Publishing to a Channel
Receiving Messages from a Channel
Durable Subscriptions
Queue Subscriptions
Acknowledgements
The Streaming Protocol
NATS Streaming Server
Important Changes
Installing
Running
Configuring
Process Signaling
Windows Service
Embedding NATS Streaming Server
Docker Swarm
NATS Protocol
Protocol Demo
Client Protocol
NATS Cluster Protocol
NATS on Kubernetes
Introduction
Basic NATS and NATS Streaming Setup
Creating a Kubernetes Cluster
NATS Streaming Cluster with FT Mode
NATS and Prometheus Operator
NATS Cluster and Cert Manager
Securing a NATS Cluster with cfssl
Using a Load Balancer for External Access to NATS
Creating a NATS Super Cluster in Digital Ocean with Helm
From Zero to K8S to Leafnodes using Helm
Powered by GitBook

Authenticating with a Token

Tokens are basically random strings, much like a password, and can provide a simple authentication mechanism in some situations. However, tokens are only as safe as they are secret so other authentication schemes can provide more security in large installations. It is highly recommended to use one of the other NATS authentication mechanisms.

For this example, start the server using:

> nats-server --auth mytoken

The code uses localhost:4222 so that you can start the server on your machine to try them out.

Connecting with a Token

Go
Java
JavaScript
Python
Ruby
TypeScript
C
Go
// Set a token
nc, err := nats.Connect("127.0.0.1", nats.Name("API Token Example"), nats.Token("mytoken"))
if err != nil {
    log.Fatal(err)
}
defer nc.Close()
​
// Do something with the connection
Java
Options options = new Options.Builder().
                            server("nats://localhost:4222").
                            token("mytoken"). // Set a token
                            build();
Connection nc = Nats.connect(options);
​
// Do something with the connection
​
nc.close();
JavaScript
let nc = NATS.connect({url: `nats://127.0.0.1:${port}`, token: "mytoken!"});
Python
nc = NATS()
​
await nc.connect(servers=["nats://demo.nats.io:4222"], token="mytoken")
​
# Do something with the connection.
Ruby
NATS.start(token: "mytoken") do |nc|
  puts "Connected using token"
end
TypeScript
let nc = await connect({url: server.nats, token: "mytoken"});
C
natsConnection      *conn      = NULL;
natsOptions         *opts      = NULL;
natsStatus          s          = NATS_OK;
​
s = natsOptions_Create(&opts);
if (s == NATS_OK)
    s = natsOptions_SetToken(opts, "mytoken");
if (s == NATS_OK)
    s = natsConnection_Connect(&conn, opts);
​
(...)
​
// Destroy objects that were created
natsConnection_Destroy(conn);
natsOptions_Destroy(opts);

Connecting with a Token in the URL

Some client libraries will allow you to pass the token as part of the server URL using the form:

nats://token@server:port

Again, once you construct this URL you can connect as if this was a normal URL.

Go
Java
JavaScript
Python
Ruby
TypeScript
C
Go
// Token in URL
nc, err := nats.Connect("[email protected]")
if err != nil {
    log.Fatal(err)
}
defer nc.Close()
​
// Do something with the connection
Java
Connection nc = Nats.connect("nats://[email protected]:4222");//Token in URL
​
// Do something with the connection
​
nc.close();
JavaScript
let url = `nats://[email protected]:${port}`;
let nc = NATS.connect({url: url});
Python
nc = NATS()
​
await nc.connect(servers=["nats://[email protected]:4222"])
​
# Do something with the connection.
Ruby
NATS.start("[email protected]:4222") do |nc|
  puts "Connected using token!"
end
TypeScript
let url = `nats://:[email protected]:${port}`;
let nc = await connect({url: url});
C
natsConnection      *conn      = NULL;
natsOptions         *opts      = NULL;
natsStatus          s          = NATS_OK;
​
s = natsOptions_Create(&opts);
if (s == NATS_OK)
    s = natsOptions_SetURL(opts, "nats://[email protected]:4222");
if (s == NATS_OK)
    s = natsConnection_Connect(&conn, opts);
​
(...)
​
// Destroy objects that were created
natsConnection_Destroy(conn);
natsOptions_Destroy(opts);
Previous
Authenticating with a User and Password
Next
Authenticating with an NKey
Last updated 7 months ago
Edit on GitHub
Contents
Connecting with a Token
Connecting with a Token in the URL