Each account has its own independent subject namespace: a message published on subject 'foo' in one account will not be seen by subscribers to 'foo' in other accounts. Accounts can however define exports and imports of subject(s) streams as well as expose request-reply services between accounts. Users within an account will share the same subject namespace but can be restricted to only be able to publish-subscribe to specific subjects.
The NATS server provides various ways of authenticating clients:
Authentication deals with allowing a NATS client to connect to the server. Except for JWT authentication, authentication and authorization are configured in the
authorizationsection of the configuration. With JWT authentication the account and user information are stored in the resolver rather than in the server configuration file.
userconfiguration map specifies credentials and permissions options for a single user: