Navigation

Anonymous Authentication

Anonymous authentication allows users to sign in without providing any credentials. To get started with anonymous authentication for your app:

  1. Select Users from the left-side navigation.

  2. Select the Providers tab.

  3. Click the Edit button in the Allow users to log in anonymously row.

  4. Switch the Provider Status toggle to enabled.

  5. In your client application, use the following SDK code to authenticate the Stitch client as an anonymous user. The following assumes that a StitchClient has been initialized.

    See Initialize StitchClient for more details on initializing a StitchClient in your application.

    yourStitchClient.authenticate("anon")
      .then( authedUserId => {
          console.log("logged in anonymously as user", authedUserId);
      })
      .catch( err => {
          console.error("failed to log in anonymously:", err);
      });
    
    yourStitchClient.getAuthProviders().addOnSuccessListener(new OnSuccessListener<AvailableAuthProviders>() {
        @Override
        public void onSuccess(final AvailableAuthProviders auth) {
            if (auth.hasAnonymous()) {
                Log.d("stitch", "logging in anonymously");
                yourStitchClient.logInWithProvider(new AnonymousAuthProvider()).addOnCompleteListener(new OnCompleteListener<String>() {
                    @Override
                    public void onComplete(@NonNull final Task<String> task) {
                        if (task.isSuccessful()) {
                            Log.d("stitch", "logged in anonymously as user " + task.getResult());
                        } else {
                            Log.e("stitch", "failed to log in anonymously", task.getException());
                        }
                    }
                });
            } else {
                Log.e("stitch", "no anonymous provider");
            }
        }
    });
    
    yourStitchClient.fetchAuthProviders().then { (authProviderInfo: AuthProviderInfo) -> Promise<String> in
        if (authProviderInfo.anonymousAuthProviderInfo != nil) {
            return yourStitchClient.anonymousAuth()
        } else {
            throw StitchError.illegalAction(message: "no anonymous provider")
        }
    }.done { (userId: String) in
            print("logged in anonymously as user \(userId)")
    }.catch { error in
            print("failed to log in anonymously: \(error)")
    }
    

Anonymous authentication is the most basic authentication provider available in MongoDB Stitch. Anonymous authentication allows users to sign into a Stitch client application as a temporary anonymous user without providing any credentials. The users are given an id like any other user, and they can view and manipulate data according to service rules just like any other user.

Potential use cases for anonymous authentication include:

  • Authenticating readers of a blog or news service.
  • Allowing end users to try the features of an application as an anonymous user before registering for an account.
  • Simplifying the creation of users while developing and testing the client application.

Limitations

The primary limitation of anonymous authentication is that if the refresh token is lost (due to the user clearing their browser data or deleting the client application from their phone), the user will no longer be able to re-authenticate as that Stitch user, and the user loses access to their data.

Important

If users need to persist data, you should not use Anonymous authentication as the primary authentication type. However, you can enable one or more other auth providers and then link the anonymous user account to the new identity when the user logs on with the new provider. This can be accomplished by adding linking functionality to your app using the Android or iOS SDK. For more information, see Linking User Accounts.