Product Updates

Build a Secure Application with PubNub’s Access Manager

3 min read Hiren Adesara on Oct 20, 2021
Blog_header__Secure_Access_Manager.jpg

As our online interactions continue to grow, a secure application is fundamental to ensure that your users have a positive, engaging in-app experience. Without having secure controls in place, it leaves the door open for bad actors to potentially listen to and send messages to your channels, which can ultimately negatively impact your user’s overall experience.

As a way to further support our customers and ensure they can keep their app and operations healthy, we are excited to announce the new release of PubNub’s Access Manager v3

Ensure the security of your application with Access Manager v3

Online user communities expect a fast and secure environment where they can interact with their friends, family, new acquaintances, or other community members in real time. And in an environment where real-time interactions are taking place, Access Manager makes it easy to create a healthy in-app experience for your users to connect by offering secure controls, low latency, and operational reliability. 

Access Manager v3 is a new cryptographic, token-based permission system aimed to secure your application and protect it against unauthorized third-party access attempts. Access Manager v3 provides: 

  • User to token binding: Allows token to be used only by a single authorized user.

  • Robust pattern matching using RegEx: Utilize the power of RegEx in assigning permissions to PubNub resources by creating RegEx patterns.

  • Optimized token creation: Fast token creation allows for a more secure “just-in-time” generation of short lived token for many use cases. We also provide the ability to grant permissions to multiple resources in a single API call.

  • Low latency: Cryptographic tokens enable low latency for authorization checks on request. 

This new version of Access Manager significantly lowers latency and offers higher operational stability, while providing an increased set of security options that improves flexibility in terms of setting and verifying permissions.

Foster healthy online experiences with secure communication 

Take social or gaming apps: secure, real-time communication with low latency is especially important in these Virtual Spaces. With gaming and social experiences where multiple users are interacting instantaneously, Access Manager gives you the ability to grant or limit user access, or to give read and write permissions on a channel-by-channel basis, ensuring that messages are protected. 

Another important use case for controlled access is IoT device management, where secure real-time data is streaming between registered devices. Using permission management controls, you can allow only authorized users to manage their smart home devices such as light bulbs, door locks, temperature sensors, and security cameras. 

Key features of Access Manager

Access Manager allows developers to create and enforce secure access to channels, channel groups, and other PubNub resources throughout the PubNub real-time communication platform. Once enabled, no operations can be executed without submitting an authorization token as part of the request.

Here are just a few of the benefits of using Access Manager: 

Permission Management: Segment permissions by channel, user, or channel group.

No Server Load: PubNub handles the server loads associated with application access controls. Assign security tokens to users and devices and Access Manager does the rest.

Seamless Control: Use Access Manager seamlessly alongside Presence, Functions, and other PubNub APIs.

Any Authentication Scheme: PubNub works with any kind of authentication solutions that you might be using in your application such as OAuth, Google and Facebook authentication as well as custom solutions.

Robust Authorization: Add a layer of protection to prevent unauthorized access to publish/subscribe keys.

Ultimately, Access Manager provides developers with tools to increase the security of their applications and block end users from accessing resources that they haven't been explicitly granted permission for.