Anonymous authentication

edit

Elastic APM agents can send unauthenticated (anonymous) events to the APM Server. This is useful for agents that run on clients, like the Real User Monitoring (RUM) agent running in a browser, or the iOS/Swift agent running in a user application. Incoming requests are considered to be anonymous if no authentication token can be extracted from the incoming request. By default, these anonymous requests are rejected and an authentication error is returned.

Anonymous authentication must be enabled to collect RUM data. To enable anonymous access, set either apm-server.rum.enabled or apm-server.auth.anonymous.enabled to true.

Because anyone can send anonymous events to the APM Server, additional configuration variables are available to rate limit the number anonymous events the APM Server processes; throughput is equal to the rate_limit.ip_limit times the rate_limit.event_limit.

See Anonymous authentication for a complete list of options and a sample configuration file.