Skip to main content
Amplication offers a variety of authentication provider plugins to secure your services and authenticate users. This guide helps you understand the available options and how to configure them.
Authentication plugins are available for Node.js and .NET blueprint options. If you’re using a custom blueprint, you can implement your own authentication solution using our custom plugins.

Add Authentication

To add authentication to your service:
1

Navigate to Plugins

Go to your service in the Amplication UI and click on the Plugins tab in the navigation bar.
2

Select Authentication Category

In the Plugins page, locate the Authentication category in the left sidebar menu.
3

Choose Auth Provider

Select an Auth Provider plugin that suits your needs from the available options listed below. Click “Install” to add the plugin to your service.
For Node.js services, ensure you install the “NestJS Auth Module” plugin first, as it provides the core authentication framework.
4

Configure Settings

After installing a plugin, you will see a Settings button. Click it to access the configuration page where you can adjust various settings in JSON format, such as default credentials or API keys.
5

Build Your Service

Finally, generate the code for your resource to apply the authentication plugin.

Available Authentications Providers

Each authentication provider has specific configuration options and requirements. Expand each provider below to learn more about its settings and usage.
Adds JSON Web Token (JWT) based authentication and authorization. Ideal for stateless APIs and applications.Platform: Node.js Requires: NestJS Auth ModuleSettings:
{
  "settings": {
    "tokenExpiresIn": 3600, // Access token expiration in seconds (default: 1 hour)
    "refreshTokenExpiresIn": 604800, // Refresh token expiration in seconds (default: 7 days)
    "grantType": "PASSWORD", // Grant type for token generation (default: PASSWORD)
    "jwtSecretKey": "YOUR_SECRET_KEY" // **Important:** Change this to a strong, unique secret key!
  }
}
Security Alert: Always replace the default jwtSecretKey with a strong, randomly generated secret key. This key is crucial for the security of your tokens.
Enables simple HTTP Basic Authentication. Suitable for development, testing, or internal services with less stringent security requirements.Platform: Node.js, .NETSettings:
{
  "username": "admin", // Default username
  "password": "admin"  // Default password
}
By default, Basic Auth Provider comes with username: admin and password: admin. Change these default credentials immediately in a production environment.
Integrates with Auth0, a leading Identity-as-a-Service (IDaaS) platform, offering advanced authentication and authorization features.Platform: Node.js Requires: NestJS Auth Module, Auth0 Account
Adds Supertokens authentication, providing a flexible and customizable authentication solution with various “recipes” (email/password, social login, etc.).Platform: Node.js Requires: NestJS Auth Module, Supertokens Core setup
Enables Security Assertion Markup Language (SAML) based Single Sign-On (SSO). Ideal for enterprise environments using SAML for identity federation.Platform: Node.js Requires: NestJS Auth Module, SAML Identity Provider
Integrates with Keycloak, an open-source Identity and Access Management solution, offering advanced features and protocols.Platform: Node.js Requires: NestJS Auth Module, Keycloak Server setup
Leverages ASP.NET Core Identity, the built-in authentication framework for .NET applications.Platform: .NETSettings:
{
  "seedUserEmail": "test@email.com", // Email for the default seed user
  "seedUserPassword": "P@ssw0rd!" // Password for the default seed user
}

Additional Resources

I