This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Note
Access to this page requires authorization. You can trysigning in orchanging directories.
Access to this page requires authorization. You can trychanging directories.
You can authenticate MQTT clients with OAuth 2.0 JWT to connect to the Event Grid namespace. You can embed and validate custom claims in the JWT to authorize publish or subscribe permissions to your Event Grid topic spaces.
Important
This feature is supported only when using the MQTT v5 protocol version.
You can use the MQTT v5 CONNECT packet to provide the OAuth 2.0 JWT to authenticate your client and the MQTT v5 AUTH packet to refresh the token.
Important
If you don't set the CONNECT packet's authentication method to CUSTOM-JWT, you receive an 'invalid issuer' error—even if all other configurations are correct.
In the CONNECT packet, you can provide the required values in the following fields:
| Field | Value |
|---|---|
| Authentication Method | CUSTOM-JWT |
| Authentication Data | JWT |
In the AUTH packet, you can provide the required values in the following fields:
| Field | Value |
|---|---|
| Authentication Method | CUSTOM-JWT |
| Authentication Data | JWT |
| Authentication Reason Code | 25 |
Authenticate Reason Code with value 25 signifies reauthentication.
Note
Audience:aud claim must be set to[namespace][region]-1.ts.eventgrid.azure.net/.
A client using OAuth 2.0 JWT authentication can use client attributes and permissions to limit access to specific topics.
Was this page helpful?
Need help with this topic?
Want to try using Ask Learn to clarify or guide you through this topic?
Was this page helpful?
Want to try using Ask Learn to clarify or guide you through this topic?