Third-Party Auth Integration (Firebase, Supabase, Auth0) #1352
Replies: 3 comments 1 reply
-
Hey, |
Beta Was this translation helpful? Give feedback.
-
I have to bump this one |
Beta Was this translation helpful? Give feedback.
-
Hi @felixfong227! What you want to do is absolutely possible with SurrealDB. A limitation exists when using Firebase to sign JWT with a key pair, but since you seem to be using an HMAC algorithm (HS512), this should not affect you. To achieve what you want you will need to define a scope (i.e. You will need to set the following claims on the JWT from Firebase:
If you cannot have knowledge of the identifier for the user record from Firebase, you can omit the To answer your specific questions: Q: Can one user have more than one scope? Q: How to integrate other third-party auth providers where we do not have access to the user's password? It may be worth mentioning that we will soon release significant updates to the Let me know if this information is helpful and feel free to ask any follow-up questions! |
Beta Was this translation helpful? Give feedback.
-
First of all, thank you for creating SurrealDB 😄
I am currently creating a POC using SurrealDB for my personal project and hope to yield great results, but the current blocker is I am trying to understand how to utilize build-in scope as the backend's RLS guard.
What I am looking for:
db.authenticate
with a JWT that is signed by our serversQuestion:
Can the user have more than one scope?
I am trying to create a user with a username
dummy
with a passworddummy
having more than one scope:By using the JS SDK I am unable to assign the
SC
field as an array or a comma-separated stringThird-Party Auth Integration
A
user
scope ruleThe
users
tableFor example, I am using Firebase Auth as my auth provider I wish to sign a JWT and give sufficient permissions to a client in order to access SurrealDB direct at the client.
pseudo-code is using
next-firebase-auth
Thank you all 😸
Beta Was this translation helpful? Give feedback.
All reactions