Administrate Realm users on client

Hi, new to realm and I cant find any documentation about administrating users that are registered using Email/Password Authentication provider on client side. Is it possible to CRUD new user as an admin also list the users in the provider including their Custom User Data . In the context of a Realm Functions is it possible to access the users of the authentication provider so they can be managed from there.

thanks

Hey Thanos,

Can you explain your use-case a bit further so I can get a better understanding of why you need to administrate all your users from the client? That’s typically what the MongoDB Cloud UI is for.

To answer some of your questions about CRUD Users and Custom User data:

  1. You can CRUD Users through the Admin API which gives you access to their Custom User Data

  2. You can access the providers either by adding it to Custom User Data via an Authentication Trigger or by querying the identities provided by endpoint

  3. You can also do it via Realm functions by calling the API endpoints using context.http in functions or using a library such as axios

1 Like

Hi Sumedha

A typical use-case would be a single page application that has no signup page, but with an Admin account that creates new users and manages them from the client GUI. Users then can login and edit their profile (Custom User Data) also users can change their email and password that simple.

I was expecting something like in Firebase functions one can use the context of the method to manage user like creating a new User like so

const user = await admin.auth().createUser(newUserData);

The Admin API if I can use them from client side that would require an API key pair each time so like when an Admin will login I will need an Authentication Trigger to check if the user has an Admin role and somehow create a new API key pair and attach it to the user response is that right :fearful:.

The third case you suggested sounds promising using custom realm functions for each CRUD operation with the context.http to call the Admin API endpoints, but how will I programmatically renew/create API key pair to use in the methods .

Thank you for help

Hi Thanos, although there are no provided admin methods, another thing you can look into is Custom Function Authentication.

1 Like

Hi Sumedha

I tried the Custom Function Authentication created a Users Collection and enabled the Custom User Data then pointed it to cluster/Database/Collection and defined a string property userId on user. Finally I signed-in successfully with the web SDK, but the customData object on the currentUser retrieved all the properties including the password of user :weary: , also the Custom Function Authentication provider created an enabled user with unknown name in Users section for the signed-in user now if I delete a user from collection is there a way for a trigger or something to also delete the user in the Users section created by the Authentication provider and also a way to filter what properties are placed in customData.

Edit:
I disabled the the Custom User Data and instead tried using a login trigger to add the custom user data with no sensitive data, but it seems the login triggers do not work with custom functions authentication provider :anguished:. A question when the token is refreshed is the login trigger called once more ?

Thanks for your help and patience

A couple of question so I can find a solution to Administrating users

1- Is there a way to filter what properties are set on Custom-User-Data ?
2- login trigger don’t work with Function Authentication ?
3- is login trigger executed once more when token user is refreshed ?
4- Users email and password once they are set cannot be modified programmaticly by a different user ?

Am thinking to go with @Sumedha_Mehta1 suggestion using Realm Administration API and using the local Email/Password Authentication if I can somehow find work around for a couple of hurdles