Navigation

Manage Email/Password Users - Node.js SDK

To register a new email/password user, pass the user's email address and desired password to EmailPasswordAuth.registerUser(). The email address must not be associated with another email/password user and the password must be between 6 and 128 characters.

Note
Confirm New Users

You must confirm a new user's email address before they can log in to your app.

New users must confirm that they own their email address before they can log in to your app unless the provider is configured to automatically confirm new users.

If the provider is configured to send a confirmation email, MongoDB Realm automatically sends a confirmation email when a user registers. The email contains a link to the configured Email Confirmation URL with a token that is valid for 30 minutes after the email is sent. If a user did not receive the initial email or didn't click the confirmation link in time, you can use the SDK to send a new confirmation email to the user.

To send a new confirmation email to a user, pass their email address to EmailPasswordAuth.resendConfirmationEmail().

You need a valid token and tokenId for a registered user in order to confirm them and allow them to log in. These values are available in different places depending on the provider configuration:

  • If the provider is set to send a confirmation email, the token and tokenId values are included as query parameters in the Email Confirmation URL.
  • If the provider is set to run a confirmation function, the token and tokenId values are passed to the function as arguments.

To confirm a registered user, pass a valid token and tokenId to EmailPasswordAuth.confirmUser().

To send a password reset email (if the provider is configured to do so), call EmailPasswordAuth.sendResetPasswordEmail(). The email contains a link to the configured Password Reset URL.

To run a password reset function (if the provider is configured to do so), pass the user's email address, new password, and any additional function arguments to EmailPasswordAuth.callResetPasswordFunction().

Once a user requests a password reset, either by sending a password reset email or calling a password reset function, Realm generates a pair of unique token and tokenId values that they can use to complete the password reset within 30 minutes of the initial request.

To complete the password reset, pass the token, tokenId, and new password to EmailPasswordAuth.resetPassword().

Give Feedback

On this page