generalnats

Use token-based authentication

NATS supports server authentication by default. To secure the server from remote connections, you can configure NATS to use a token instead of a username and password. Follow these instructions:

  • In the /opt/bitnami/nats/conf/nats-server.conf file, edit the “Authorization for client connections” section to comment the “user” and “pass” lines and add a “token” line. Your file must change from:

      # Authorization for client connections
      authorization {
          user: nats
          pass: XXXXXX
          timeout: 1
      }
    

    To:

      # Authorization for client connections
      authorization {
          #user: nats
          #pass: XXXXXX
          token: TOKEN
          timeout: 1
      }
    

    NOTE: TOKEN is a placeholder, replace it with the desired value.

  • Restart NATS to make the changes take effect:

      $ sudo /opt/bitnami/ctlscript.sh restart nats
    

Once you have changed that value, you can use the selected token to authenticate when connect to the server with a client.

Last modification May 22, 2023