# Contributed Plugins
These are fully supported plugins but require additional dependencies to be installed:
`$ pip install '.[contrib]'`
- [Relational Database Auth](auth_db.md)
Grant or deny access to clients based on entries in a relational db (mysql, postgres, maria, sqlite). _Includes
manager script to add, remove and create db entries_
- `amqtt.contrib.auth_db.UserAuthDBPlugin`
- `amqtt.contrib.auth_db.TopicAuthDBPlugin`
- [HTTP Auth](http.md)
Determine client authentication and/or authorization based on response from a separate HTTP server.
- `amqtt.contrib.http.UserAuthHttpPlugin`
- `amqtt.contrib.http.TopicAuthHttpPlugin`
- [LDAP Auth](ldap.md)
Authenticate a user with an LDAP directory server.
- `amqtt.contrib.ldap.UserAuthLdapPlugin`
- `amqtt.contrib.ldap.TopicAuthLdapPlugin`
- [Shadows](shadows.md)
Device shadows provide a persistent, cloud-based representation of the state of a device,
even when the device is offline. This plugin tracks the desired and reported state of a client
and provides MQTT topic-based communication channels to retrieve and update a shadow.
`amqtt.contrib.shadows.ShadowPlugin`
- [Certificate Auth](cert.md)
Using client-specific certificates, signed by a common authority (even if self-signed) provides
a highly secure way of authenticating mqtt clients. Often used with IoT devices where a unique
certificate can be initialized on initial provisioning. _Includes command line utilities to generate
root, broker and device certificates with the correct X509
attributes to enable authenticity._
`amqtt.contrib.cert.UserAuthCertPlugin`
- [JWT Auth](jwt.md)
Plugin to determine user authentication and topic authorization based on claims in a JWT.
- `amqtt.contrib.jwt.UserAuthJwtPlugin` (client authentication)
- `amqtt.contrib.jwt.TopicAuthJwtPlugin` (topic authorization)
- [Session Persistence](session.md)
Plugin to store session information and retained topic messages in the event that the broker terminates abnormally.
`amqtt.contrib.persistence.SessionDBPlugin`