Create a JSON Web Token

JSON Web Token (JWT) authentication uses signed tokens to verify MQTT client identity without username-password credentials or certificates. For more information, see Authentication.

JWT authentication requires a Starter or Enterprise plan.
The Starter plan supports only the following registered JWT claims: iss, sub, aud, iat, exp, scope.

To open JWT settings, follow the steps in Configure Access Management, then switch to Access Management.

  1. In Authentication > JSON Web Token, click Configure.

  2. In the JSON Web Token area, click Add JSON Web Token.

  3. In JWKS Endpoint, enter the endpoint URL.

  4. In Claims, enter one or more key-value pairs.

    Claims are key-value pairs in the JWT payload. The broker uses claims to verify and authorize the client.

  5. In Role, select a role from the list to set the access level the JWT allows.

  6. Click Save.

JWT authentication is now active for your broker.