Permissions
Permissions are the individual rules that define which MQTT topics a client can publish to or subscribe to.
Each permission specifies:
-
A topic filter: the topic or topic pattern the rule applies to
-
An action: publish, subscribe, or both
-
An effect: allow or deny
The broker evaluates permissions on every publish and subscribe request from a connected client.
Topic Filters in Permissions
Topic filters in permissions follow the same wildcard syntax as MQTT subscriptions:
-
` matches a single level in the topic hierarchy. For example, `sensors//temperaturematchessensors/room1/temperatureandsensors/room2/temperature. -
matches all remaining levels. For example,sensors/matches all topics undersensors/.
Use specific topic filters to limit client access to only the topics each client needs.
Overly broad filters, such as #, grant access to all topics on the broker.
HiveMQ Platform
Assign permissions to clients directly or through roles. For role-based assignment, see Role-Based Access Control.
For the broader access management context, see Access Management.