Skip to main content

Add authentication

Squid integrates with a variety of different authentication providers, including OpenId providers like Auth0, Okta, and Cognito. By connecting them to Squid, you can authorize user actions like querying and updating data, calling executables, etc.
Note

Learn more about the OpenId protocol here.

How it works

To start using authentication with Squid you'll first need to add an Auth integration in the Squid Cloud Console. A full list of the available Auth integrations can be found here.

Squid does not issue any authentication tokens when integrating with an auth provider. Instead, tokens that are issued by your provider must be passed to Squid. To authenticate users and extract their details, Squid relies on an access token sent from the client application to the Squid Server. Squid retrieves a token on demand for every request made to the backend:

Client code
const authProvider: SquidAuthProvider = {
  getToken: () => 'USER_AUTH_ID_TOKEN',
  integrationId: 'auth_integration_id',
};
squid.setAuthProvider(authProvider);

This token is used by Squid to make authentication details available within the functions in your backend project. You can then use these details to ensure that the user is authenticated and authorized when making requests.

Note

Since Squid calls the getToken method for every request, it is practical to enable caching of the token within the getToken method and renew it only when the token approaches its expiration date.

Explore

To get started with adding authentication to your Squid application, simply click the Add auth provider button on the application overview and select your preferred integration.

Step 1

In this guide we'll explore adding the Auth0 integration: