Hello,
I am trying to understand exactly how "per-publisher tokens" as documented in the Event Hubs docs (http://msdn.microsoft.com/en-us/library/azure/dn789972.aspx) are used by the Service Bus and if/how they can be accessed by a receiving client that processes event hub event data.
The documentation says:
Per-publisher tokens can be generated, thereby giving each publisher unique security material and their own specific URI for sending events. There is no additional provisioning required for these publisher tokens/URIs.
And from the examples I have looked at from MSFT they do things like this I the same client:
string token1 = CreateSasToken(eventHubAddress + "/publishers/dev-01", devicesSendKeyName, primaryDeviceKey);
string token2 = CreateSasToken(eventHubAddress + "/publishers/dev-02", devicesSendKeyName, primaryDeviceKey);Which to me looks like any sending client with the SAS key can generate a publisher token for any publisher endpoint they desire. It looks like any client with a send capable SAS key can send to any publisher. I am failing to understand how per-publisher tokens like this add value in terms of authentication or authorization.
It would be useful to me to see from the receiving client that a data point came from a publisher endpoint (which you can) and see the publisher specific token that was auth'd with.