Navigation

Manage Email/Password Users

On this page

  • Overview
  • Register a New User Account
  • Confirm a New User's Email Address
  • Send a Confirmation Email
  • Complete a User Confirmation
  • Reset a User's Password
  • Send a Password Reset Email
  • Call a Password Reset Function
  • Complete a Password Reset

The Web SDK includes a client object that allows you to manage users associated with the Email/Password authentication provider.

To register a new email/password user, call the registerUser() method with the user's email address and desired password. The email address must not be associated with another email/password user and the password must be between 6 and 128 characters.

Note
Confirm New Users

You must confirm a new user's email address before they can log in to your app.

New users must confirm that they own their email address before they can log in to your app unless the provider is configured to automatically confirm new users.

If the provider is configured to send a confirmation email, MongoDB Realm automatically sends a confirmation email when a user registers. The email contains a link to the configured Email Confirmation URL with a token that is valid for 30 minutes after the email is sent. If a user did not receive the initial email or didn't click the confirmation link in time, you can use the SDK to send a new confirmation email to the user.

To send a new confirmation email to a user, call the resendConfirmation() method with the user's email address:

You need a valid token and tokenId for a registered user in order to confirm them and allow them to log in. These values are available in different places depending on the provider configuration:

  • If the provider is set to send a confirmation email, the token and tokenId values are included as query parameters in the Email Confirmation URL.
  • If the provider is set to run a confirmation function, the token and tokenId values are passed to the function as arguments.

To confirm a registered user, call the confirmUser() method with the user's valid token and tokenId:

If the provider is configured to send a password reset email, you can use the SDK to send a password reset email to a user. The email contains a link to the configured Password Reset URL.

If the provider is configured to run a password reset function, you can use the SDK to run the function.

Once a user requests a password reset, either by sending a password reset email or calling a password reset function, Realm generates a pair of unique token and tokenId values that they can use to complete the password reset within 30 minutes of the initial request.

Example
Get the Token and TokenID

If the provider uses the built-in password reset email, the token and tokenId are included as query parameters in the password reset URL. You can access them like so:

Give Feedback

On this page

  • Overview
  • Register a New User Account
  • Confirm a New User's Email Address
  • Send a Confirmation Email
  • Complete a User Confirmation
  • Reset a User's Password
  • Send a Password Reset Email
  • Call a Password Reset Function
  • Complete a Password Reset