Configuration

    A new field when configuring users allows you to restrict which type of connections are allowed for a specific user.

    Consider this configuration:

    The option (also can be named connection_types or clients) as you can see is a list, and you can allow several type of clients. Suppose you want the user bar to accept both standard NATS clients and MQTT clients, you would configure the user like this:

    The absence of allowed_connection_types means that all type of connections are allowed (the default behavior).

    • STANDARD
    • LEAFNODE

    When an MQTT client creates a QoS 1 subscription, this translates to the creation of a JetStream durable subscription. To receive messages for this durable, the NATS Server creates a subscription with a subject such as $MQTT.sub.<nuid> and sets it as the JetStream durable’s delivery subject.

    Therefore, if you have set some permissions for the MQTT user, you need to allow subscribe permissions on $MQTT.sub.>.