Simultaneously Support Multiple Authentication Mechanisms #6062
-
|
Hi, Is it possible for a NATS server to support Token Authentication, as well as JWT Authentication at the same time? I've tried to configure the server to support both, but when JWT Authentication is introduced, Token Authentication is ignored and the server will reject any client authenticating with a token. Thanks |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
Believe at the moment the server doesn't allow mixed modes of authentication within the same config, like combining token and JWT auth. But in essence there are two alternative ways to achieve this:
|
Beta Was this translation helpful? Give feedback.
-
|
Got it. Thank you @MauriceVanVeen . |
Beta Was this translation helpful? Give feedback.
Believe at the moment the server doesn't allow mixed modes of authentication within the same config, like combining token and JWT auth. But in essence there are two alternative ways to achieve this:
Use a leaf node. You connect to the leaf node using Token Authentication, and the leaf node is connected up to another server/cluster that uses JWT Authentication. A leaf node allows you to have separate security domains, for example different authN/Z.
Link to the docs: https://docs.nats.io/running-a-nats-service/configuration/leafnodes
An alternative is using Auth Callout. A client connects to your server with either token or JWT (or user/pass, etc.), the server calls out to a service tha…