Skip to content

Mqtt Broker Auth

DodaTech 1 min read

In this tutorial, you'll learn about EMQX Client Authentication Fails. We cover key concepts, practical examples, and best practices.

The Problem

MQTT clients cannot connect with authentication credentials.

Quick Fix

Wrong

mqttx pub -t test -m hello -u admin -P password  # Connection refused
Connection refused or authentication error.
# 1. Enable authentication via Dashboard or API
curl -u admin:public -X POST http://localhost:18083/api/v5/authentication/password-based:built-in-database \
  -H 'Content-Type: application/json' \
  -d '{'mechanism':'password_based','backend':'built_in_database'}'

# 2. Add a user
curl -u admin:public -X POST http://localhost:18083/api/v5/authentication/password-based:built-in-database/users \
  -d '{'user_id':'myuser','password':'mypass'}'

# 3. Test connection
mqttx pub -t test -m hello -u myuser -P mypass
Client connects successfully with credentials.

Prevention

EMQX 5.x requires explicit authentication configuration — no anonymous access by default. Backends: built-in database, Redis, MySQL, PostgreSQL, LDAP, HTTP. Use token-based auth for device fleets. Avoid username/password in code — use environment variables.

DodaTech engineers apply these same patterns across Doda Browser, DodaZIP, and Durga Antivirus Pro for production IoT reliability.

FAQ

### Does EMQX allow anonymous connections?

In EMQX 5.x, anonymous access is disabled by default. Enable with: mqtt.anonymous = true in emqx.conf (not recommended for production).

What auth backends are supported?

Built-in DB, Redis, MySQL, PostgreSQL, MongoDB, LDAP, JWT, HTTP, and custom plugins.

How do I authenticate MQTTS connections?

TLS client certificates can be used for authentication (X.509). Configure listener.ssl.* settings with CA and cert paths.

Built by the developers of DodaTech

Doda Browser, DodaZIP & Durga Antivirus Pro