Assuming that I have a non-sandbox deployment of the canton participant node.
No auth is set up.
Do I need to provide a JWT when submitting commands to the Ledger API or connecting to a stream?
My original understanding is that you always need a JWT when you interact with the JSON API, but with the Ledger API, you’d only need one if auth is configured.
However, this section in the documentation made me uncertain:
https://docs.daml.com/app-dev/authorization.html
This is not the case for participant nodes of deployed ledgers. They check for every Ledger API request whether the request contains an access token that is valid and sufficient to authorize the request. You thus need to add support for authorization using an access token to your application to run it against a deployed ledger.
So, do you need a JWT, or is the participant inferring who you need to be to successfully send the command and assume that this is your identity?
Also if you DO provide a JWT without auth being configured, is the JWT considered at all, or is the signature just not being verified?