34 lines
831 B
Markdown
34 lines
831 B
Markdown
Enhanced JWT ACL Claim Format.
|
|
|
|
The JWT ACL claim has been upgraded to support a more versatile format.
|
|
It now accepts an array structure, which resembles the file-based ACL rules.
|
|
|
|
For example:
|
|
|
|
```json
|
|
[
|
|
{
|
|
"permission": "allow",
|
|
"action": "pub",
|
|
"topic": "${username}/#",
|
|
"qos": [0,1],
|
|
"retain": true
|
|
},
|
|
{
|
|
"permission": "allow",
|
|
"action": "sub",
|
|
"topic": "eq ${username}/#",
|
|
"qos": [0,1]
|
|
},
|
|
{
|
|
"permission": "deny",
|
|
"action": "all",
|
|
"topics": ["#"]
|
|
}
|
|
]
|
|
```
|
|
|
|
In this new format, when no matching rule is found, the action is not automatically denied.
|
|
This allows the authorization process to proceed to other configured authorization sources.
|
|
If no match is found throughout the chain, the final decision defers to the default permission set in `authorization.no_match`.
|