Authenticate a User¶
Overview¶
MongoDB Realm provides an API for authenticating users using any enabled
authentication provider. Instantiate a
Credentials
object and pass
it to the
LogInAsync()
method to authenticate and obtain a User
instance. The Credentials class exposes factory methods that correspond to
each of the authentication providers:
| Authentication Provider | Credentials Generation Method |
|---|---|
| Anonymous | Credentials.Anonymous() |
| Email/Password | Credentials.EmailPassword(email, password) |
| API Key | Credentials.ApiKey(userAPIKey) |
| Custom Function | Credentials.Function(functionPayload) |
| Custom JWT | Credentials.JWT(jwt) |
| Google OAuth | Credentials.Google(googleAuthCode) |
| Facebook OAuth | Credentials.Facebook(facebookToken) |
| Sign-in With Apple | Credentials.Apple(appleToken) |
Before you can authenticate a user, ensure you have:
- Created a Realm app
- Enabled one or more authentication providers
- Installed the .NET SDK
Log In¶
Anonymous Authentication¶
If you have enabled Anonymous authentication in the Realm UI, users can immediately log into your app without providing any identifying information. The following code shows how to do this:
var user = await app.LogInAsync(Credentials.Anonymous());
Email/Password Authentication¶
If you have enabled Email/Password authentication, you can log in using the following code:
var user = await app.LogInAsync( Credentials.EmailPassword("caleb@example.com", "shhhItsASektrit!"));
API Key Authentication¶
If you have enabled API Key authentication, you can log in using the following code:
var user = await app.LogInAsync(Credentials.ApiKey(apiKey));
Custom Function Authentication¶
If you have enabled the Custom Function authentication provider, you can log in using the following code:
var functionParameters = new { username = "caleb", password = "shhhItsASektrit!", IQ = 42, isCool = false }; var user = await app.LogInAsync(Credentials.Function(functionParameters));
Custom JWT Authentication¶
If you have enabled the Custom JWT authentication provider, you can log in using the following code:
var user = await app.LogInAsync(Credentials.JWT(jwt_token));
Facebook Authentication¶
The Facebook authentication provider allows you to authenticate users through a Facebook app using their existing Facebook account.
To log a user in with their existing Facebook account, you must configure and enable the Facebook authentication provider for your application.
Facebook profile picture URLs include the user's access token to grant permission to the image. To ensure security, do not store a URL that includes a user's access token. Instead, access the URL directly from the user's metadata fields when you need to fetch the image.
var user = await app.LogInAsync(Credentials.Facebook(facebookToken));
Google Authentication¶
If you have enabled Google authentication, you can log in using the following code:
var user = await app.LogInAsync(Credentials.Google(googleAuthCode));
Apple Authentication¶
If you have enabled Sign-in with Apple authentication, you can log in using the following code:
var user = await app.LogInAsync(Credentials.Apple(appleToken));
Log Out¶
Once logged in, you can log out by calling the LogOutAsync() method:
await user.LogOutAsync();
When a user logs out, you can no longer read or write data in any synced realms that the user opened. As a result, any operation that has not yet completed before the initiating user logs out cannot complete successfully and will likely result in an error. Any data in a write operation that fails in this way will be lost.