Custom Authenticators #50
Comments
Hi @mtrossbach, Yes, this is possible, but currently not exposed/documented. We focused on the "generic" login systems for the beta period. It is currently on our roadmap to make it easier to integrate with third-party authentication systems/OAuth2 systems, however, as far as I know, we don't have a timeline for this. How blocking is this for you? Thanks |
Hi, do you have any update on the timeline for this? Thank you! |
Hi @mtrossbach, I didn't prioritise this higher as I never got any feedback from you. We're currently working on our new roadmap, so I can try to include this. I'll let you know as soon as I have a more specific timeline. |
Hi @teotwaki, this is David from the ZeroKit team. A customer of yours reached out to us and asked to integrate our secure user authentication with Realm, so that they can use Realm in healthcare (where facebook auth doesn't stick). We'd be very happy to do this piece of work, how can we collaborate? |
Hi @teotwaki, I would like to echo the above statements. It is currently the major stumbling block in our way of launching our healthcare app. As I understand it, the ability is there but the documentation and how to accomplish this has not yet been provided. If you could help ramp this up as a priority ASAP it sounds like it could free up a log jam for a lot of us to be able to launch our products. Your product is second to none for what it provides, just help us all to get our products out the door and sing your praises even more! |
@davidszabo26 and @trpmap93 we will be working on the custom authentication support this week. Can you email me at af@realm.io? I am sure we could coordinate and would love the help! |
Hey @bigfish24, can you send me instructions on how to accomplish this too? I'm moving from firebase to realm and unfortunately, this is a block for me too. My email is rodgarcialima@gmail.com Thank you |
We didn't get this ready yet, but the current proposal would work like this: On the server you would be able to inject custom authentication code that would be called in response to a token submitted by a client to then call out to whatever API would verify the token, for example for Twitter auth it would look like this: You would create a JS script that extends our BaseAuthProvider class // node_modules/ros-twitter/src/index.js
const ros = require('realm-object-server');
class TwitterAuthProvider extends ros.auth.providers.BaseAuthProvider {
// … Call out to Twitter API and verify a token
}
ros.auth.providers.register('twitter', TwitterAuthProvider); Then you should start the server with this. # configuration.yml
auth:
providers:
twitter:
import: node_modules/ros-twitter/src/index.js
access_token: "@cc3$s_t0k3n…" For the client SDK you would create a |
Hi, @bigfish24. Would this functionality available in Developer Edition? |
yes, because we recognize that our own built-in capabilities are quite limited, especially things like sending emails for forgotten passwords and that's not an area we want to focus our efforts on. |
For planning purposes, do you think that an API will be available to change current password (not forgot pass... just plain change, with current Realm authentication) before or after this custom authenticator is implemented? No email is required for that, and it seems simple enough using the old-new-confirm practices we've used forever.
Thanks,
-Chris
… On Jan 27, 2017, at 10:31 AM, Adam Fish ***@***.***> wrote:
We didn't get this ready yet, but the current proposal would work like this:
On the server you would be able to inject custom authentication code that would be called in response to a token submitted by a client to then call out to whatever API would verify the token, for example for Twitter auth it would look like this:
You would create a JS script that extends our BaseAuthProvider class
// node_modules/ros-twitter/src/index.js
const ros = require('realm-object-server');
class TwitterAuthProvider extends ros.auth.providers.BaseAuthProvider {
// … Call out to Twitter API and verify a token
}
ros.auth.providers.register('twitter', TwitterAuthProvider);
Then you should start the server with this.
# configuration.yml
auth:
providers:
twitter:
import: node_modules/ros-twitter/src/index.js
access_token: ***@***.***$s_t0k3n…"
For the client SDK you would create a Credential using the init(customToken:provider:userInfo:) method to pass the token received by logging in via the third-party service.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.
|
@TotemChris I expect custom auth done first. |
Hi, any ETA when those things are done? We want to release an app but we cant release it without custom auth or / and changing / resetting username and / or password. |
+1 on this issue, I'm also in the position of evaluating Realm Mobile Platform for our needs. I'd need to integrate to our existing auth service transparently and a custom auth plugin you described would be the optimal solution. A hack that I considered was to generate and store a random password for the user in our systems to be used for Realm password auth. I'd guess that it would kinda work but overall sounds like a bad idea to do in prod. |
Another +1 on this issue. |
+1 I'd like to integrate with auth0 for some prototypes. |
@bigfish24 it looks like custom auth has been released as part of |
Yes this is now available for all editions, with more details here: https://realm.io/docs/realm-object-server/#custom-authentication |
Hi!
Here at our company we have an existing authentication provider for our customers. Is it possible to use this authentication provider for the Realm Mobile Plattform? Or is this feature planned for future releases?
We use Keycloak (http://www.keycloak.org/) so I should be possible using OAuth2 + OpenID like with the social authentication providers you already support.
The text was updated successfully, but these errors were encountered: