> ## Documentation Index
> Fetch the complete documentation index at: https://docs.activeviam.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Add custom machine-to-machine authentication

> How to customize machine-to-machine authentication for REST requests between Atoti Limits and connected Atoti Server instances, using ILimitsRestClientBuilder or ILimitsRestTemplateBuilder, with examples for JWT and Kerberos

This section describes how to add custom authentication when sending MtM requests
between Atoti Limits and your connected servers.

## Overview

Atoti Limits connects to your Atoti Server application via MtM
REST requests. For more information on the connection, see the [connection guide](../integration/java#overview).

By default, [JWT Authentication](https://auth0.com/docs/secure/tokens/json-web-tokens)
is used to authenticate the REST requests. This is configured using the [autoconfiguration properties](../../user-ref/properties/config-properties/limits-integration-common).

Your organization may not permit JWT authentication, may require some other form of authentication,
or may already have some third-party authentication mechanism in place. In these scenarios, knowing how to extend Atoti Limits’s machine-to-machine authentication mechanisms is useful.

## How to add custom MtM authentication

The steps are as follows:

### 1. Configure your connected server REST client

In your connected Atoti Server project, implement an instance of `ILimitsRestClientBuilder` (for Atoti Server version `6.1.x` or `6.0.x-sb3`) or `ILimitsRestTemplateBuilder` (for Atoti Server version `6.0.x`).

Your implementation should return the `RestClient.Builder` or `RestTemplateBuilder` that you intend to use.

These are used to create Http clients used to send REST requests from the connected servers to Atoti Limits.

<Accordion title="ILimitsRestClientBuilder">
  ```java theme={"languages":{"custom":["/engine/python-sdk/0.9/languages/pycon.tmLanguage.json"]}}
  /**
   * <b>ILimitsRestClientBuilder</b>
   *
   * <p>Used to provide a {@link RestClient.Builder} for sending authenticated requests to Atoti
   * Limits from the connected server.
   *
   * @author ActiveViam
   */
  @FunctionalInterface
  public interface ILimitsRestClientBuilder {

    RestClient.Builder getRestClientBuilder();
  }
  ```
</Accordion>

<Accordion title="ILimitsRestTemplateBuilder">
  ```java theme={"languages":{"custom":["/engine/python-sdk/0.9/languages/pycon.tmLanguage.json"]}}
  /**
   * <b>ILimitsRestTemplateBuilder</b>
   *
   * <p>Used to provide a {@link RestTemplateBuilder} for sending authenticated requests to Atoti
   * Limits from the connected server.
   *
   * @author ActiveViam
   */
  @FunctionalInterface
  public interface ILimitsRestTemplateBuilder {

    RestTemplateBuilder getRestTemplateBuilder();
  }
  ```
</Accordion>

### 2. Configure your Atoti Limits REST client

In your Atoti Limits project, implement an instance of `ILimitsRestClientBuilder`. This is used to create an Http client
used to send REST requests from Atoti Limits to the connected servers. This interface is the
same as the `ILimitsRestClientBuilder` in the previous section.

<Accordion title="ILimitsRestClientBuilder">
  ```java theme={"languages":{"custom":["/engine/python-sdk/0.9/languages/pycon.tmLanguage.json"]}}
  /**
   * <b>ILimitsRestClientBuilder</b>
   *
   * <p>Used to provide a {@link RestClient.Builder} for building and sending authenticated requests
   * from Atoti Limits to the connected servers.
   *
   * @author ActiveViam
   */
  @FunctionalInterface
  public interface ILimitsRestClientBuilder {

    RestClient.Builder getLimitsRestClientBuilder();
  }
  ```
</Accordion>

### 3. Import your custom implementations as Spring beans

Finally, expose your [custom implementations as Spring Beans](.#importing-spring-beans-into-the-project).

This is the simplest way to implement custom MtM authentication. In the following sections we’ll dive
into some examples.

* [Adding JWT MtM Authentication](./custom-mtm-authentication/custom-jwt-mtm-authentication)
* [Adding Kerberos MtM Authentication](./custom-mtm-authentication/custom-kerberos-mtm-authentication)
