[Feature Request] HTTP authentication for clients

[anvouk]

Is your feature request related to a problem? Please describe.
No.

Describe the solution you'd like
A way to authenticate MQTT clients by calling an external HTTP endpoint and parsing the response.
This endpoint will accept client_id,username,passwords,etc. and the response will determine whether the
client is allowed to connect or not.

Describe alternatives you've considered
TLS auth but can be inflexible for complex business rules.

Additional context
This is something currently present in both emqx and rabbitmq.

[dmytro-landiak]

Hi @anvouk,

Thanks for raising the issue — this is a valid and important feature request. We’re currently working on a broader authentication providers feature, including JWT-based authentication support. As part of this larger initiative, we’re exploring flexible and extensible mechanisms for authenticating MQTT clients, and your proposal to support external HTTP-based authentication fits well within that scope.

We'll keep this in mind as we finalize the scope and design of the new auth provider architecture. Stay tuned for the updates.