Is data sent via RPC secure?

Hello Nakama Team,

We are reaching the final phase of the project. There are a few issues that would like to be understood. Hope you will answer and help me.

  1. I have an rpc function that generates tokens: nk. jwtGenerate, will generate a token and send it to the client. The client will authenticate with a third party. I want to ask what is the RPC transport protocol? is it safe? (SSL available). And Is client data sent via RPC secure?

  2. What is the transmission protocol of Match messages? TCP or UDP, is it encrypted with SSL?.

  3. Is the transmission protocol of Messages in Groups, Channels, and Individuals TCP or UDP? Is it SSL encrypted?

Thank you

Hello @dhforever,

This entirely depends on your server deployment, the assumption for secure communications with the server is that you’ve either configured SSL via the Nakama config (which works but is generally not recommended for production deployments) or your Nakama instance sits behind a load balancer with SSL.

If this is correctly setup then everything called via REST should use HTTPS, and all socket connections should use WebSocket Secure (TCP + TLS).

Hope this clarifies.

1 Like

Thank you so much. useful information.

Hello, simply routing nakama console, rpc behind nginx, then behind cloudflare can let you have a front facing SSL for clients. Hope this helped you out.