There are 3 components to making JWT Authentication Work.
- A Custom Server that does the authentication logic and signs a JWT Token. This doesn't need to know about Realm at all. It just uses a public and private key to sign a jwt token that it will give to the client
- ROS with JWT Enabled and ready to consume the public key used to sign incoming JWT tokens
- A Realm Client which will first make a request with credentials to
auth-server.js. Then it will snag the jwt token and then proceed to authenticate the Realm.Sync client with the JWT against a running ROS server
Overall it's a simple 2 step process.
- ROS or Realm Cloud just needs to have
JwtAuthProvidersetup with a public key
- The Custom Auth Server needs to sign the token with the
How do I generate proper keys?
Take a look at server/keygen.sh
What about Realm Cloud?
If you need to get JWT setup with Realm Cloud...
- Generate the private keys, check out the commands here: server/keygen.sh
- Copy the public key in the settings in Realm Cloud's settings
- Follow the general pattern laid out above!