Authentication

The NATS server provides various ways of authenticating clients:

Authentication deals with allowing a NATS client to connect to the server. Except for JWT authentication, authentication and authorization are configured in the authorization section of the configuration.

Authorization Map

The authorization block provides authentication configuration as well as authorization:

Property

Description

token

Specifies a global token that can be used to authenticate to the server (exclusive of user and password)

user

Specifies a single global user name for clients to the server (exclusive of token)

password

Specifies a single global password for clients to the server (exclusive of token)

users

A list of user configuration maps

timeout

Maximum number of seconds to wait for client authentication

For multiple username and password credentials, specify a users list.

User Configuration Map

A user configuration map specifies credentials and permissions options for a single user:

Property

Description

user

username for client authentication. (Can also be a user for tls authentication)

password

password for the user entry

nkey

public nkey identifying an user

permissions

permissions map configuring subjects accessible to the user