Authentication of external users provides an authentication system that secures access to your application. External users can sign up and log in to your application and get secure access to data and APIs.

Check out this simple example with complete code here. Also read this blog post for a complete To-Do application.

Auth0 authentication

Direct integration with the Auth0 authentication service is supported. If you are new to Auth0, get started here: Auth0 quick start for single page applications

Set up clientID and clientSecret from Auth0

  1. Auth0: Create a new client in your Auth0 account
  2. Auth0: Pick a framework (e.g. "Single Page Web Application"), then select your client framework, e.g. JavaScript Single Page Application
  3. Auth0: Add allowed callback URLs, typically your application start URL.
  4. Restdb: Navigate to database Settings/Authentication. Enable the authentication checkbox and copy the Client ID and Client Secret.

Add users from Auth0 to your database

An optional step for the Auth0 integration is to transfer signed-up users from Auth0 to your database. The users can be added to the predefined collection "users", or you can create a new collection to store user data.

Create a new empty rule in Auth0 and add the following JavaScript code to the rule. This rule will add a user to the database at first login.

    function (user, context, callback) {
      // short-circuit if the user signed up already
      if (context.stats.loginsCount > 1) {
        console.log("seen user before");
        return callback(null, user, context);
      }

      var _ = require('lodash');
      var request = require("request");

      // the parts of the login context to store with the user
      var small_context = {
        appName: context.clientName,
        userAgent: context.userAgent,
        ip: context.ip,
        connection: context.connection,
        strategy: context.connectionStrategy
      };

      // merge the Auth0 user profile and the login context into one record
      var payload_to_restdb = _.extend({}, user, small_context);
      payload_to_restdb.roles = ["external", "somerole"];
      delete payload_to_restdb._id;

      var options = {
        method: 'POST',
        url: 'https://<your_database_url_here>/rest/users',
        headers: {
          'cache-control': 'no-cache',
          'x-apikey': '<your_fullaccess_api_key_here>',
          'content-type': 'application/json'
        },
        body: payload_to_restdb,
        json: true
      };

      request(options, function (error, response, body) {
        // the login has already completed, so log the failure instead of throwing
        if (error) console.log(error);
      });

      // don't wait for the call to finish, return right away (the request will continue on the sandbox)
      callback(null, user, context);
    }

Authentication API

| HTTP Verb | Resource | Functionality |
|---|---|---|
| POST | https://<database>/auth/token | Request an API access token (e.g. { token: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ…", iat: 1472191246, exp: 1472194846 }). Request body can be an access token ({"code": "your access code"}) or a valid API token that should be refreshed ({"refresh": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ…"}). |
| GET | https://<database>/auth/userinfo | Get data about a user. Returns email, displayname and image. |
| POST | https://<database>/auth/logout | Log out a user. Invalidates the login token; this token can no longer be used for API access. |
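
The token exchange and refresh described in the table, as an added client-side example (not code from the original page or from restdb.io). The function names, the 60-second refresh window, and the choice to require a new login once `exp` has passed are assumptions; any request headers beyond `content-type` are not documented here and are left out.

```javascript
// Added example. TOKEN_PATH comes from the table; every other name is illustrative.
const TOKEN_PATH = "/auth/token";

// Accept a token response only if it has the documented shape { token, iat, exp }.
function parseTokenResponse(body) {
  const ok = body && typeof body.token === "string" && body.token.length > 0 &&
    Number.isInteger(body.iat) && Number.isInteger(body.exp) && body.exp > body.iat;
  if (!ok) throw new Error("malformed token response");
  return { token: body.token, iat: body.iat, exp: body.exp };
}

// Decide the next /auth/token request body for a session at time nowSec (Unix seconds):
// null while the token is fresh, { refresh } inside the skew window, error once expired.
function nextRequestBody(session, nowSec, skewSec = 60) {
  if (!session) throw new Error("not logged in: exchange an access code first");
  if (nowSec >= session.exp) throw new Error("token expired: log in again");
  return nowSec >= session.exp - skewSec ? { refresh: session.token } : null;
}

// Default transport (assumes a runtime with fetch); pass `post` to substitute a stub.
async function httpPost(url, body) {
  const res = await fetch(url, {
    method: "POST",
    headers: { "content-type": "application/json" },
    body: JSON.stringify(body),
  });
  if (!res.ok) throw new Error("token request failed: HTTP " + res.status);
  return res.json();
}

// Exchange the access code for an API token.
async function login(baseUrl, code, post = httpPost) {
  return parseTokenResponse(await post(baseUrl + TOKEN_PATH, { code }));
}

// Return a session that is safe to use now, refreshing it when it is about to expire.
async function freshSession(baseUrl, session, nowSec, post = httpPost) {
  const body = nextRequestBody(session, nowSec, 60);
  return body ? parseTokenResponse(await post(baseUrl + TOKEN_PATH, body)) : session;
}
```

Keeping the session object in memory rather than in persistent browser storage limits how long a leaked token stays usable after the logout call invalidates it.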