How to verify access token on back-end

Is there any way to verify and get userId on back-end from the access token created by client-side Realm SDK?

My application using Realm authentication, I need to get the user Id to save user created post on back-end, I’m using Couchbase for my post data.

something like firebase admin does link

@chawki I believe you can use an authentication trigger like so -
https://docs.mongodb.com/realm/triggers/authentication-triggers/

And then access user.id in context - not sure exactly what you are trying to do but triggers and functions should give you access to user data -
https://docs.mongodb.com/realm/authentication/

What I’m looking for is something similar to firebase admin.

Here how firebase admin works

  • when user sign with firebase authenticate, firebase creates an access token on the client side
  • We can send the access token to the server-side and with firebase admin, we decode the access token and get the user id.

How to implement this with Realm?

Once you login you can call something like:

var myId = app.currentUser()!.identity!

Thanks @Ian_Ward,

This not what I’m looking for, I think I need to implement the user verification my self.

@chawki Did you find a solution? I am in the same boat.

A node.js backend but using Realm for user management. When a user logs in, I can get the accessToken returned but Realm has not method for validating the accessToken for subsequent requests…

@Eden_Webb, @chawki, were you able to find a nice workaround for this?

@Vlad_Dobrovolskiy No. Following this thread Verify Access Token server side there are some suggestions of workarounds. It also mentions they are looking into as a feature.

Hey everyone - we’ve added support for this, more info can be found in the docs: https://docs.mongodb.com/realm/reference/authenticate-http-client-requests/#verify-a-client-access-token

2 Likes

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.