Reference

authorization

Authorization map for gateways. When a single username/password is used, it defines the authentication mechanism this server expects, and how this server will authenticate itself when establishing a connection to a discovered gateway. This will not be used for gateways explicitly listed in gateways and therefore have to be provided as part of the URL. With this authentication mode, either use the same credentials throughout the system or list every gateway explicitly on every server. If the tls configuration map specifies verify_and_map only provide the expected username. Here different certificates can be used, but they do have to map to the same username. The authorization map also allows for timeout which is honored but users and token configuration are not supported and will prevent the server from starting. The permissions block is ignored.

  • Default value: n/a
  • Hot reloadable: Yes

Values

TypeDescriptionChoices
objectAn object with a set of explicit properties that can be set.-

Properties

NameDescriptionTypeDefault
usernameSpecifies a global user name that clients can use to authenticate the server (requires password, exclusive of token).string-
passwordSpecifies a global password that clients can use to authenticate the server (requires user, exclusive of token).string-
tokenSpecifies a global token that clients can use to authenticate with the server (exclusive of user and password).string-
usersA list of multiple users with different credentials.object-
default_permissionsThe default permissions applied to users, if permissions are not explicitly defined for them.object-
timeoutMaximum number of seconds to wait for a client to authenticate.float1
Previous
connect_retries