virtualMachinenats

Use token-based authentication

NATS supports server authentication by default. To secure the server from remote connections, you can configure NATS to use a token instead of a username and password. Follow these instructions:

  • In the /opt/bitnami/nats/conf/gnatsd.conf file, edit the “Authorization for client connections” section to comment the “user” and “pass” lines and uncomment the “#client_token” line. Your file must change from:

    # Authorization for client connections
    authorization {
        user: nats
        pass: XXXXXX
        # client_token:
        timeout: 1
    }
    

    To:

    # Authorization for client connections
    authorization {
        #user: nats
        #pass: XXXXXX
        token: TOKEN
        timeout: 1
    }
    

    NOTE: TOKEN is a placeholder, replace it with the desired value.

  • Restart NATS to make the changes take effect:

    $ sudo /opt/bitnami/ctlscript.sh restart nats
    

Once you have changed that value, you can use the selected token to authenticate when connect to the server with a client.

Last modification September 4, 2018