* This is an automated transcript. Please excuse inaccuracies.
Hey there, so in this tutorial, we're going to be going to over authentication profiles. That is, how do you create authentication profiles in a workspace so that different client applications can allow users to authenticate whether that's using 8base authentication or a third-party authentication provider. Let's hop into it and see what we're dealing with.
So, I've opened up the workspace and here in my settings I have an area called “authentication”; and this is essentially where I can create a new authentication profiles as well as configure any ones if I have them. By default, no authentication profiles are created for your workspace so we're going to have to go ahead and create our first; We just click, “Add”, we can name it Default Auth”. And then we have a choice of several different types. We have 8base authentication, you are auth0 account if you want to use auth0 you can connect your own account as your authentication provider or open ID. So, any auth provider that is compliant with the open ID specification, you can then use as the authenticated provider for your 8base workspace.
Then we give you some options here right now if you're using ApS authentication, to where our users allowed to sign up themselves, our users are allowed to sign up if they have a specific email domain or is it open to all if you have a public or a free signup application, Right now we can just leave this auth and then select a role, This means, that when someone signs up or you sign up someone what is the automatic role or any default roles that will be associated with their account in that process. So, here we could just say that, “Okay well if our app is open to all and when someone signs up, we just want them to be a guest.” And if we add that profile, just takes a second… cool. And our first authentication profile was created.
So, now looking at the authentication profile that we just created, we're going to look at a little bit of information that it gives us. First off is that it creates a client ID as well as a domain and we're going to use these in a front-end application or client-side application when creating our auth client. Then two, 8base gives you a really straightforward way of adding sign-on providers to this authentication profile- to where if you had a Google developer account or Facebook Developer account you could simply go there collect the client ID and secret for that provider and then enable the provider and then that would allow you to use sign-on or social sign-on within your application. And then we also have some settings for allowed callbacks, web origins and logout URLs. These are just different ways of securing authentication so it can only originate from a certain URL as well as only redirect back to a certain URL and once again we'll take a look at those in just a minute.
One thing that's important just to mention too is if we were to use a different type of authentication profile for example, your auth0 account, it would just change the form that we need to fill out in order to configure that. So, for example, it would be asking for auth0 domain, the ID of the client, the secret, management domain; however, the configuration at the end would be very much the same as well as if we were to use open ID. There is some great documentation I'm going to link to in the description of this video for how to set up an open ID with a sample app, so you'll have that if you go follow that link.
So, I'm sure at this point you're probably wondering, “Well if I've taken these steps how do I actually set up authentication within the application that I am building?” That really depends on the framework that you're using as well as the type of application that you're building, however we're going to look at really quickly is how you can configure the auth module that we give you in the 8base SDK to set up the foundation of your authentication system in whatever type of application that you're building. Let's take a look at that.
So, here I've opened up a file that's a part of a VUE applications, I've been building, however essentially what's happening here is I'm configuring my auth client to then use within my application for the different types of auth means that I have. And as you can see it's a pretty simple process. And I've documented this file pretty well so that we can understand what's happening. First off is that from the 8base auth module or package we are importing auth and auth strategies, Auth strategies is simply an enumeration object that gives us and the different strategies that are offered; so that's web 8base; web auth0; as well as one more that I cannot remember off the top of my head. And then we also have auth, which we use to create a client passing in the strategy, as well as then an object that has our different configurations on it. So, for example, the domain is the same domain that we're given in our auth profile the client ID is the client ID that we're using or given in our auth profile. And then this logout URL as well as the redirect URL, are the same ones that we have the option of setting ourselves.
Now after configuring this client and then exporting it, I can use it in my application to call different methods like the ones I've included down here. For example, auth logout if I was logged in would log me out. Auth authorize would actually bring me to the hosted login page and then redirect me back on a successful authentication as well as get authorized data would actually go to the authentication provider, and if authorized returned the current users information; that's things like the ID token; the email address; and the user ID based on me auth provider that they're using.
I hope this gives you a little bit of a good idea on how to start setting up authentication within whatever application that you're building. However, if you do shoot over to the docs at 8base.com and you look at authentication, there's a lot of information here that will help you better understand how to set up authentication profiles and all the different settings and configuration options that are in there- as well as if you go down to SDK and click on “user auth”, more information is here as well with documentation specifically design for using authentication within a React app as well. I'm going to be updating this soon with view specific documentation so please sit tight for that. However, I do hope that this gave you a good understanding of how you can create an authentication profile, configure it to your applications needs and then start building the client-side module to handle authentication within the client application itself. If you have any questions please leave them as comments in the comment section of this video. I'll make sure to include all the relevant links in the description and I hope you have a fantastic rest of your day. Take care.