Manage Email/Password Users¶
On this page
The Web SDK includes a client object that allows you to manage users associated with the Email/Password authentication provider.
Register a New User Account¶
To register a new email/password user, call the
registerUser() method with
the user's email address and desired password. The email address must not be
associated with another email/password user and the password must be between 6
and 128 characters.
You must confirm a new user's email address before they can log in to your app.
Confirm a New User's Email Address¶
New users must confirm that they own their email address before they can log in to your app unless the provider is configured to automatically confirm new users.
Send a Confirmation Email¶
If the provider is configured to send a confirmation email, MongoDB Realm automatically sends a confirmation email when a user registers. The email contains a link to the configured Email Confirmation URL with a token that is valid for 30 minutes after the email is sent. If a user did not receive the initial email or didn't click the confirmation link in time, you can use the SDK to send a new confirmation email to the user.
To send a new confirmation email to a user, call the
method with the user's email address:
Complete a User Confirmation¶
You need a valid
tokenId for a registered user in order to
confirm them and allow them to log in. These values are available in different
places depending on the provider configuration:
- If the provider is set to send a confirmation email, the
tokenIdvalues are included as query parameters in the Email Confirmation URL.
- If the provider is set to run a confirmation function, the
tokenIdvalues are passed to the function as arguments.
To confirm a registered user, call the
confirmUser() method with the user's
Reset a User's Password¶
Send a Password Reset Email¶
If the provider is configured to send a password reset email, you can use the SDK to send a password reset email to a user. The email contains a link to the configured Password Reset URL.
Call a Password Reset Function¶
If the provider is configured to run a password reset function, you can use the SDK to run the function.
Complete a Password Reset¶
Once a user requests a password reset, either by sending a password reset
email or calling a password reset
function, Realm generates a pair of unique
tokenId values that they can use to complete the password
reset within 30 minutes of the initial request.
If the provider uses the built-in password reset email, the
tokenId are included as query parameters in the password reset URL. You
can access them like so: