I'm trying to set up an architecture for my software project. As you can see in the drawing, as the client successfully logs in, he will receive a JWT (Node.js API). My question now is whether it is good practice to send this token to the MQTT Broker so the client can access the MQTT Broker directly and get live data. Is this how it's done? If not, how can I authenticate the client to the API and the MQTT Broker with just a single log-in? Thanks in advance!

Yes, that looks like a feasible approach. Given that the MQTT can validate the JWT, this setup reduces the need for the MQTT broker to communicate with a different service to authenticate and authorize a request made by the client. The JWT is self-contained; all that is necessary to validate it is the public key of the issuer or the shared secret used to sign the JWT.