HiveMQ Enterprise Security Extension

Category: Security
Version: Bundled with HiveMQ   |   License: Commercial
Provider: HiveMQ    |   Verified: yes

Product Resources
Please use the following links to download and try the extension, read the installation guide, learn more about features, or find out how we can help.

About this extension

The HiveMQ Enterprise Security Extension (ESE) expands the role, user, and permission-management capabilities of HiveMQ’s Enterprise and Professional editions.
ESE allows you to use different sources of external authentication and authorization data to authenticate and authorize MQTT clients. You can define the domains to partition your server into protected areas. The extension also processes incoming client connections in highly configurable pipelines — offering customizable stages to handle the authentication and authorization of your clients.

star-icon Update

With the 4.18 platform release, the HiveMQ Enterprise Security Extension now has the following feature enhancements:

  1. This extension’s X.509 preprocessor can now extract additional fields from X.509 certificates. These fields are now available as ESE variables, which are used for processing user authentication and authorization.

  2. It is now possible to configure an unlimited number of customizable general-purpose variables and personalize their names. This added feature provides greater flexibility in tailoring your HiveMQ Enterprise Security Extension pipelines to your specific needs.

For more details on these feature enhancements, how they work and how they help, please refer to the 4.18 release blogpost and the extension documentation.


Here’s what you can do with this Extension:

Full support for authentication authorization

Full support for authentication/authorization via SQL databases and more

Full support for authentication and authorization via SQL databases and for OAuth 2.0 authentication via JSON Web Tokens

Individualize topic permissions on a client basis

Individualize topic permissions on a client basis via dynamic permission placeholders

Individualize topic permissions
Authentication for Google Pub Sub

Implement sophisticated custom logic authentication

Implement sophisticated custom logic for authentication over LDAP (Lightweight Directory Access Protocol)

Detailed access logs for easy data monitoring

Detailed access logs for easy data monitoring and tracking potential security breaches

Detailed access logs for easy data monitoring
Access controls including Role-based Access Controls

Access controls (including Role-based Access Controls)

Access controls, including role-based access control (RBAC) for the HiveMQ Control Center (ESE version 1.2.0 and higher)

Try HiveMQ Enterprise Security Extension

Download the latest version of the HiveMQ platform, which contains an evaluation version of this extension, limited to a 5-hour operating window. You can reset this window by restarting the HiveMQ broker each time. For the production version of this extension, please contact our sales team.


Learn how we can help you

Talk to an expert and learn how the HiveMQ platform can help you.