MQTT 5 enhanced authentication feature support.

[ting-ms]

According to the Mosquitto documentation, Mosquitto supports enhanced authentication through plugins. However, there is a lack of detailed information on how to configure it. I've attempted to use the plugin from https://github.com/iegomez/mosquitto-go-auth, which allows for configuring a backend to store username/password information and authenticate using username/password credentials. However, I haven't come across anything related to enhanced authentication, such as challenge/response authentication. Any advice on this?

[Daedaluz]

the mosquitto_auth_start and mosquitto_auth_continue callbacks in the plugin interface suggets challange/response authentication should be possible.

Or the MOSQ_EVT_EXT_AUTH_START and MOSQ_EVT_EXT_AUTH_CONTINUE callbacks if you use the newer plugin interface.

I haven't seen / heard of any plugins out there that utilize these methods in the wild, but then again, I haven't really searched for any.

I can imagine that any implementation probably would be very specific and very custom in many cases.

What kind of challenge / response authentication did you need?

Also: The extended auth is only MQTT v5.

[ting-ms]

@Daedaluz Thank you for your response. I just want to do some testing about enhanced authentication, so the specific authentication method isn't a critical concern for me right now.