User & Authentication Provider Configuration Files

On this page

Authentication Providers

Configuration
Custom User Data

Atlas Device Sync, Atlas Edge Server, Data API, and HTTPS Endpoints are deprecated. Refer to the deprecation page for details.

Note

This page describes a legacy configuration file format. You should only use this information if you're using the deprecated realm-cli.

Any configuration files you pull with App Services CLI or export from the UI use the latest configuration version. For detailed information on the current configuration file format, see App Configuration.

app/
└── auth/
    ├── providers.json
    └── custom_user_data.json

Authentication Providers

Configuration

You can enable and configure authentication providers in /auth/providers.json.

Each field of the configuration is the name of a provider type and contains a configuration object for that provider. Authentication provider configurations share a common structure but each provider type uses a unique set of configuration fields.

Tip

You can find detailed information on a specific provider's configuration on that provider's reference page. For a list of all provider reference pages, see Authentication Providers.

/auth/providers.json

{
  "<Provider Name>": {
    "name": "<Provider Name>",
    "type": "<Provider Type>",
    "disabled": <Boolean>,
    "config": {
      "<Configuration Option>": "<Configuration Value>"
    },
    "secret_config": {
      "<Configuration Option>": "<Secret Name>"
    },
    "metadata_fields": [
      {
        "required": <Boolean>,
        "name": "Field Name"
      },
      ...
    ],
    "redirect_uris": ["<Application Redirect URI>", ...]
  },
  ...
}

Field	Description
`name` String	The name of the authentication provider. This will always be the same as the provider's `type`.
`type` String	The authentication provider type. Valid options: `"anon-user"` for Anonymous authentication. `"local-userpass"` for Email/Password authentication. `"api-key"` for API Key authentication. `"custom-token"` for Custom JWT authentication. `"custom-function"` for Custom Function authentication. `"oauth2-google"` for Google authentication. `"oauth2-facebook"` for Facebook authentication. `"oauth2-apple"` for Apple ID authentication.
`disabled` Boolean	If `true`, this authentication provider is not enabled for your application. Users cannot log in using credentials for a disabled provider.
`config` Document	A document that contains configuration values that are specific to the authentication provider. The following provider configurations include `config`: Email/Password Custom JWT Custom Function Google Facebook Apple ID
`secret_config` Document	A document where each field name is a private configuration field for the provider and the value of each field is the name of a Secret that stores the configuration value. The following provider configurations include `redirect_uris`: Custom JWT Google Facebook Apple ID
`metadata_fields` Array<Document>	An array of documents where each document defines a metadata field that describes the user. The existence of this field and the exact format of each metadata field document depends on the provider type. The following provider configurations include `metadata_fields`: Custom JWT Google Facebook
`redirect_uris` Array<String>	A list of URLs that Atlas App Services may redirect user back to after they complete an OAuth authorization. The following provider configurations include `redirect_uris`: Google Facebook Apple ID

Custom User Data

You can configure the custom user data collection for your app in /auth/custom_user_data.json.

/auth/custom_user_data.json

{
  "enabled": <Boolean>,
  "mongo_service_name": "<MongoDB Data Source Name>",
  "database_name": "<Database Name>",
  "collection_name": "<Collection Name>",
  "user_id_field": "<Field Name>",
  "on_user_creation_function_name": "<Function Name>"
}

Field Name	Description
`enabled` Boolean	If `true`, App Services associates each user with a document in the specified collection that contains their custom data.
`mongo_service_name` String	The name of the data source that contains the custom user data collection.
`database_name` String	The name of the database that contains the custom user data collection.
`collection_name` String	The name of the collection that contains the custom user data.
`user_id_field` String	The name of the field in custom user data documents that contains the user ID of the application user the document describes.
`on_user_creation_function_name` String	The name of the user creation function.

What are the Atlas Application Services?