Hi @daniel.dg.gutierrez ,
For testing purposes, you can get rid of the SQL realm and allow to authorize all authenticated clients:
<?xml version="1.0" encoding="UTF-8" ?>
<enterprise-security-extension
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="config.xsd"
version="1">
<realms>
<!-- a oauth provider-->
<jwt-realm>
<name>jwt-provider</name>
<enabled>true</enabled>
<configuration>
<jwks-endpoint>https://jwt-host/keys</jwks-endpoint>
<introspection-endpoint>https://jwt-host/introspection</introspection-endpoint>
<simple-auth>
<username>hivemq</username>
<password>password</password>
</simple-auth>
</configuration>
</jwt-realm>
</realms>
<pipelines>
<!-- secure access to the mqtt broker -->
<listener-pipeline listener="ALL">
<!-- authenticate with provided jwts -->
<jwt-authentication-manager>
<realm>jwt-provider</realm>
<jwt-validation>
<exp-grace disconnect-after-expiry="true">300</exp-grace>
</jwt-validation>
</jwt-authentication-manager>
<allow-all-authorization-manager />
</listener-pipeline>
</pipelines>
</enterprise-security-extension>
I hope it helps.
Kind regards,
Dasha from HiveMQ Team