Authentication

NoLag uses access tokens to authenticate clients. Learn how to obtain and use tokens securely.

Access Tokens

Access tokens are used to authenticate your clients with NoLag. Each token is associated with an Actor (user, device, or server) and determines what topics they can access.

Obtaining Tokens

1. Log in to the NoLag Dashboard
2. Navigate to your project
3. Go to Actors section
4. Create a new Actor or select an existing one
5. Copy the access token (shown only once on creation)

Using Access Tokens

import { NoLag } from '@nolag/js-sdk'

// Using an access token
const client = NoLag('your_access_token')
await client.connect()

console.log('Authenticated and connected!')

Token Types

Actor Types

• Device - For IoT devices, browsers, mobile apps
• User - For authenticated end users
• Server - For backend services with elevated permissions

Security Best Practices

• Never expose tokens in client-side code - Use environment variables or secure token exchange
• Rotate tokens regularly - Especially for production environments
• Use least privilege - Only grant necessary permissions to each Actor
• Monitor usage - Check the dashboard for unusual activity

Next Steps

• Quick Start Guide
• Access Control Lists