Docs Menu
Docs Home
/ /
Atlas Device SDKs

Manage Users - Node.js SDK

On this page

  • Create and Delete Users
  • Log Users In and Out
  • User Sessions
  • Read and Update Custom User Data
  • Read User Metadata from Login Providers

When you use Atlas App Services to back your client app, you get access to a user object. Use Node.js SDK methods with this user object to conveniently:

  • Create and delete users

  • Log users in and out

  • Create and update custom user data

  • Read user metadata from social login providers

For all authentication providers other than email/password authentication, App Services automatically creates a user object the first time a user authenticates. If a user authenticates via more than one method, you can link these user identities to a single user object.

You can delete user objects. Deleting a user object deletes metadata attached to the user object, but does not delete user-entered data from the backend.


Apple Account Deletion Requirements

Apple requires that applications listed through its App Store must give any user who creates an account the option to delete the account. Whether you use an authentication method where you must manually register a user, such as email/password authentication, or one that that automatically creates a user, such as Sign-In with Apple, you must implement user account deletion by June 30, 2022.

Use one or more authentication providers to log users in and out of your client app. You can:

  • Log users in with an existing social account, such as Apple, Facebook, or Google.

  • Create new user accounts with App Services email/password management, or your own custom function or custom JWT user management.

  • Enable anonymous users to let users access your App Services App without persisting user data.

When you have a logged-in user, SDK methods enable you to:

On successful login, the Node.js SDK caches credentials on the device. You can bypass the login flow and access the cached user. Use this to open a realm or call a function upon subsequent app opens.

App Services manages sessions with access tokens and refresh tokens. Client SDKs supply the logic to manage tokens and provide them with requests.

Realm uses refresh tokens to automatically update a user's access token when it expires. However, Realm does not automatically refresh the refresh token. When the refresh token expires, the SDK can no longer get an updated access token and the device cannot sync until the user logs in again.

For more information on managing user sessions and tokens, see User Sessions in the App Services documentation.

You can associate custom data with a user object, such as a preferred language or local timezone, and read it from your client application. A user object has a customData property that you can use to access custom user data.

To create and update custom user data, you must access your MongoDB data source directly. App Services does not offer a SDK method to create or update this custom user data; it's a read-only property.

Some authentication providers enable developers to access user metadata, such as full name or email address. When you configure these metadata fields on the App Services application, you can read this medata from your client app. A user object has a profile property that you can use to access user metadata.

← Query MongoDB