Add authentication
Squid integrates with a variety of different authentication providers, including OpenId
providers like Auth0, Okta, and Cognito. By connecting them to Squid, you can authorize user actions like querying and updating data, calling executables, etc.
Learn more about the OpenId protocol here.
How it works
To start using authentication with Squid you'll first need to add an Auth
integration in the Squid Cloud Console. A full list of the available Auth integrations can be found here.
Squid does not issue any authentication tokens when integrating with an auth provider. Instead, tokens that are issued by your provider must be passed to Squid. To authenticate users and extract their details, Squid relies on an access token sent from the client application to the Squid Server. Squid retrieves a token on demand for every request made to the backend:
const authProvider: SquidAuthProvider = {
getToken: () => 'USER_AUTH_ID_TOKEN',
integrationId: 'auth_integration_id',
};
squid.setAuthProvider(authProvider);
This token is used by Squid to make authentication details available within the functions in your backend project. You can then use these details to ensure that the user is authenticated and authorized when making requests.
Since Squid calls the getToken method for every request, it is practical to enable caching of the token within the getToken method and renew it only when the token approaches its expiration date.
Explore
To get started with adding authentication to your Squid application, simply click the Add auth provider
button on the application overview and select your preferred integration.
In this guide we'll explore adding the Auth0 integration:
Auth0
If you are using the Auth0 authentication service, the following code snippets can be added to your client application
Firebase Authentication
Integrate Firebase Authentication with Squid Cloud to manage access to Squid Cloud resources through the Squid Client and Backend SDKs
👤 Role-Based Access Control (RBAC)
Squid Cloud has been designed with security controls at its core to fit any enterprise use case. Squid Cloud Console defines Admin and Developer roles and permissions out of the box, but Squid Cloud also offers the ability to further build and customize Role-Based Access Control (RBAC) capabilities to fit the unique requirements of your application.
🔒 Securing data
Now that we have set up authentication, we can use our Squid backend project to start securing our data. Both read and write operations be can be secured using the @secureCollection and @secureDatabase decorators from the Squid Backend SDK.