Authentication Providers

MongoDB Stitch provides several authentication providers, which can be integrated into a client application to provide a mechanism for users to log in to your app.

  • For applications where you want users to be able to view or manipulate data without registering or creating an account, you can use Anonymous Authentication.
  • For applications where end users create an account or log in with existing credentials, you can use providers that integrate with existing login services (Facebook and Google), or use providers that allow you or your end users to create new credentials (Email/Password, API Keys, and Custom Auth).

You can use a single provider if you want all users to authenticate in the same way, or you can enable multiple providers for more flexibility. You can also link a user account from one provider to a user account from another provider by using the the client SDKs. For more information on linking, see Linking User Accounts.

An example of an app that would benefit from multiple authentication providers is a blog or news service. The typical user of such an app would authenticate anonymously so that they don’t need to register. The blog authors and/or journalists would need to sign in with some other provider to become authorized to publish new content.

Authentication Providers

The following is a list of the authentication providers available in Stitch.

Authentication Provider Description
Anonymous Mechanism for authenticating without credentials. You should not use Anonymous authentication in applications where you want to persist user data.
Email/Password Mechanism for authenticating with an email address and password. Requires implementing scripts with the SDKs for confirming an email and resetting a password.
Google OAuth2-based mechanism for logging in with an existing Google account. Can be for regular Google accounts, or can be restricted to organizational domains.
Facebook OAuth2-based mechanism for logging in with an existing Facebook account.
Custom Mechanism for logging in with JWT-based credentials generated by a custom-built service separate from MongoDB Stitch.
API Key Mechanism for logging in with API keys generated in the Stitch admin console, or by your end users.