Docs Menu

Docs HomeAtlas App Services

API Key Authentication

On this page

  • Overview
  • Enable API Key Authentication
  • API Key User Objects
  • Server API Keys
  • Create a Server API Key
  • User API Keys
  • Realm SDK Examples

The API Key authentication provider allows users to log in using generated keys.

App Services supports the following two types of API keys:

  • Server API keys: API keys associated with server users that is created from the App Services CLI, API or UI.

  • User API keys: API keys created from the Realm SDKs associated with application users.

API keys do not expire automatically.

To work with API key users, you must first enable the API key authentication provider. The API Key authentication provider does not have any configuration options.

Every App Services user has a unique metadata object. The object is passed to Functions called by the user and rule expressions for requests made by the user. In API key user objects, the type field has the value "server". For example:

{
id: "<Unique User ID>",
type: "server",
data: <user data object>,
custom_data: <custom user data object>,
identities: <array of user identities>,
}

You can use this field to evaluate if requests come from API keys.

For more information, refer to User Objects.

Server API keys are generated in a server-side context using one of the App Services App Services CLI, API or UI. When you create a server API key, you also create an associated server user.

You can provide a server key to external applications and services to allow them to authenticate directly with App Services.

You can associate up to 100 server API keys with an app.

You must enable the API key provider before you can create an API key.

Important

You must copy the server key's value as soon as you create it. Once you create the API key, you can no longer retrieve it.

You can generate user API keys with the Realm SDKs. User API keys are generated for specific application users by the Realm SDKs in client applications. You can then use the user API to authenticate as that user.

You can allow devices or services to communicate with App Services on behalf of a user by associating a unique user API key with each device.

User API keys are always associated with a non-anonymous user. Each user can associate up to 20 user API keys with their account.

To learn how to generate user API keys, refer to the Realm SDK documentation.

For code examples that demonstrate how to register and log in using API Key authentication, see the documentation for the Realm SDKs:

←  Custom Function AuthenticationFacebook Authentication →
Give Feedback
© 2022 MongoDB, Inc.

About

  • Careers
  • Investor Relations
  • Legal Notices
  • Privacy Notices
  • Security Information
  • Trust Center
© 2022 MongoDB, Inc.