-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to differenciate devices/users on mosquitto? #1645
Comments
This is not really a mosquitto issue, but a mqtt design issue, and would be a more appropriate question on the generic mqtt mailing list. That said, one of the common approaches is to require a "user id" of some form in the beginning of the topic, and use ACLs to restrict access based on that. Another approach is to "mounting" each user to their own subtree. This is effectively the same, just appears different to the users. |
There's really two questions here, one of which is a mosquitto question. About topics, it's not clear to me what you're trying to achieve, but I suggest you design your topics based on the message recipients. If you need to send a message to a device, build a device id into the topic. If you need to send messages to some application, have all the devices publish to the application's topic and build the device id into the payload. Access control works against topics, so you need to have distinct topics for distinct users, although as Karl says there are ways to hide that at the broker level. My opinion is you're better off keeping the broker configuration simple and building the user name into the topic. |
Thank you for your anwer and sorry for the english: My idea is to differentiate the user and the device from other in order to be unique and cannot be reached easily from outside: However i see that is only possible a single user and single password in the configuration, so i tried these aproach designing the topic: user:id/device:id/topic_1/topic_2/.../topic_n Where user:id and device:id can be taken from the database or backend. But i don't know if this aproach is good Thank you |
Hello:
I'm developing a web app with mqtt protocol using mosquitto, by my limited undestood the pub/sub logic is in the form.
and
.
I read that is possible to put a username and password but if i understand is for the entire broker server, but i need to differentiate each device/user (in the app the user can create/delete multiple unique devices with their own different measures but the topics could be the same between users or devices), and make difficult to a third party to access data via console(only knowing the topic assuming that the topic name could be the same between users/devices), i wonder if it is possible to use tokens, oauth, or something similar on mosquitto.
Thank you and sorry for the english.
The text was updated successfully, but these errors were encountered: