I haven’t found anything on here yet that answers my question, or otherwise in the docs.
I want to be able to use the realm user access token, the same token that is used to authenticate Realm Graphql API requests, to authenticate on my own Golang web API.
Currently, I haven’t seen any sort of way to use a Realm function to do this which was one of my initial thoughts. I also don’t believe there is any sort of Realm SDK for Golang.
How can one validate a Realm user token in their own server-side application?
I would definitely say you are understanding. Just want to get your idea straight.
So if I store this on my Golang server, I am essentially storing it in either local memory(ram) or in a MongoDB collection. Presumably if I was going to store it in a collection, I would store it in the same collection that I use for user custom data right? So then I would have some sort of field called accessToken. But what if the token expires? I need to update this collection every time I refresh the token, which adds a lot of additional network requests. If I store it in ram, well I still have this same problem. Plus, storing in ram would probably result in a lot of excess data in ram overtime.
I just wish there was an endpoint that Realm had for validating a token. Like /validate-token and you would send it the token in the payload, and you would either get a 200 response saying the token was good, or you would get a different response, like 401, saying the token was expired.
I mean it sounds reasonable I just not sure why you would go to your goLang server rather than going to the realm authentication directly for tokens?
But I guess you could still build an http service where you have a “validate” webhook running as system and tries a dummy graphql query with provided token as payload… If return success return a valid token response