In current version, Token is considered as a simple string.
Set token in agent.config file
# Authentication active is based on backend setting, see application.yml for more details.
agent.authentication = xxxxMeanwhile, open the backend token authentication.
The Collector verifies every request from agent, allowed only the token match.
If the token is not right, you will see the following log in agent
org.apache.skywalking.apm.dependencies.io.grpc.StatusRuntimeException: PERMISSION_DENIED
No, you shouldn't. In tech way, you can of course, but token and TLS are used for untrusted network env. In that circumstance, TLS has higher priority than this. Token can be trusted only under TLS protection.Token can be stolen easily if you send it through a non-TLS network.
For now, no. But we appreciate someone contributes this feature.