Extended Authentication

Extended authentication enables users to utilize their own services for authentication, supporting external databases such as MySQL and Redis as data sources, or connecting to HTTP services for authentication.

Note

Extended authentication is not supported in EMQX Serverless deployments.

Extended Authentication Data Sources

HTTP Authentication

MySQL Authentication

PostgreSQL Authentication

Redis Authentication

JWT Authentication

TIP

A maximum of two extended authentication data sources can be created.

Authentication Order

After adding extended authentication data sources, users can sort the authentication sources. On the Extended Authentication page, click Authentication Order to enter the sorting page. The deployment will authenticate in the order from left to right, with the default authentication chain order being default authentication -> extended authentication.

If authentication succeeds, the authentication chain is terminated, and the client is allowed to connect.
If authentication fails, the authentication chain is terminated, and the client is denied access.
If the current data source does not match, it moves to the next authentication source for authentication.

Custom authentication chains: Authentication data source icons can be dragged and arranged left and right to organize the order of authentication. auth_management

Create a Dedicated Deployment

Configure PrivateLink

Extended Authentication

Extended Authorization

Single Sign-On (SSO)

Alerts

CoAP Gateway

Rules

LLM-Based MQTT Data Processing

Schema Registry

Platform API

Deployment API

Serverless Deployment API

Extended Authentication

Extended Authentication Data Sources

Authentication Order

Serverless Deployment API

Extended Authentication ​

Extended Authentication Data Sources ​

Authentication Order ​

Extended Authentication

Extended Authentication Data Sources

Authentication Order