Navigation

Authentication Providers

MongoDB Stitch provides several authentication providers, which can be integrated into a client application to provide a mechanism for users to log in to your app.

  • For applications where you want users to be able to view or manipulate data without registering or creating an account, you can use Anonymous Authentication.
  • For applications where end users create an account or log in with existing credentials, you can use providers that integrate with existing login services (Facebook and Google), or use providers that allow you or your end users to create new credentials (Email/Password, API Keys, Custom JWT Auth and Custom Function Auth).

You can use a single provider if you want all users to authenticate in the same way, or you can enable multiple providers for more flexibility. You can also link a user account from one provider to a user account from another provider by using the the client SDKs. For more information on linking, see Linking User Accounts.

An example of an app that would benefit from multiple authentication providers is a blog or news service. The typical user of such an app would authenticate anonymously so that they don’t need to register. The blog authors and/or journalists would need to sign in with some other provider to become authorized to publish new content.

Authentication Providers

The following is a list of the authentication providers available in Stitch.

Authentication Provider Description
anon-user
Mechanism for authenticating without credentials. You should not use Anonymous authentication in applications where you want to persist user data.
local-userpass
Mechanism for authenticating with an email address and password. Requires implementing scripts with the SDKs for confirming an email and resetting a password.
api-key
Mechanism for logging in with API keys generated in the Stitch admin console, or by your end users.
oauth2-apple
OAuth2-based mechanism for logging in with an Apple ID.
oauth2-google
OAuth2-based mechanism for logging in with an existing Google account.
oauth2-facebook
OAuth2-based mechanism for logging in with an existing Facebook account.
custom-token
Allow users to log in with JWT-based credentials generated by a service external to MongoDB Stitch.
custom-function
Allow users to log in with arbitrary credentials according to custom authentication logic that you define.