Access Control
Access control pertains to controlling permissions for publish (PUBLISH) and subscribe (SUBSCRIBE) operations, which can be implemented at three levels:
- Client ID
- Username
- All users: controls permissions for topics without distinguishing between client ID and username.
TIP
- Access control uses a blacklist mode by default, ACL matching order is: All Users -> User/Client. The mode can be switched to whilelist via ticket.
- The combination of clientid/username + topic is unique, which means that only the latest record for the same clientid/username + topic is considered valid.
Add ACL Information
Fill in the client id, topic, allow/deny, pub/sub/pubsub, and then click Add
.
You can use the following placeholders in your topic and EMQX Cloud will be automatically populated with client information when requested.
- %u:Username
- %c:Client ID
Same process for Username
and All Users
.
Batch Add ACL Information
ACL information can be imported in bulk through CSV files.
All Users
are not supported
Download the template
Fill in the ACL information and submit the file
The sample template file for
username
is shown below:The sample template file for
clientid
is shown below:Click
import
button
Delete ACL Information
Click the delete
button to the right of the ACL information to delete the ACL information.