
Authentication

Amplication services can include robust authentication and authorization functionality when you enable specific plugins.

Depending on your project's requirements, you can choose the authentication method that best suits your needs.

Available Authentication Plugins

NestJS Auth Module (Mandatory)

The NestJS Auth Module plugin provides all the essential modules needed for service authentication. This plugin serves as the base for the authentication mechanism. It must be installed with an Auth Provider of your choice.

Info: A User entity must exist first in order to enable this plugin in your project. Learn how to add the user entity into your service.

JWT Auth Provider

Passport-based JWT authentication allows the client to send a request to the server with the user's credentials. Once authenticated, the server issues a JWT. This token enables the client to authenticate subsequent requests. You can read more about this in NestJS's authentication documentation.

Basic Auth Provider

Basic authentication is a straightforward authentication scheme built into the HTTP protocol. It requires sending the user's credentials in the form of a username and password, encoded in base64, in the Authorization header of the request.
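
The header format described above, as an added example (not code generated by Amplication or taken from the original page): a client-side builder and a server-side parser that use only Node.js built-ins. Because base64 is a reversible encoding, the parser recovers the password exactly as it was sent; the function names and sample values are assumptions made for illustration.

```javascript
// Added example. Function names are hypothetical; sample values are constructed.

// Client side: build the Authorization header value.
function buildBasicAuth(username, password) {
  // The first colon separates the fields, so a username cannot contain one.
  if (username.includes(":")) throw new Error("username must not contain ':'");
  const token = Buffer.from(`${username}:${password}`, "utf8").toString("base64");
  return `Basic ${token}`;
}

// Server side: return { username, password }, or null if the header is malformed.
function parseBasicAuth(header) {
  if (typeof header !== "string") return null;
  // Scheme name is case-insensitive; the token must be well-formed base64.
  const match = /^basic +([A-Za-z0-9+/]+={0,2})$/i.exec(header.trim());
  if (!match) return null;
  const decoded = Buffer.from(match[1], "base64").toString("utf8");
  // Reject invalid UTF-8 (decoded as U+FFFD) and control characters.
  if (decoded.includes("\uFFFD") || /[\x00-\x1f\x7f]/.test(decoded)) return null;
  // Split on the FIRST colon only: passwords may contain colons.
  const sep = decoded.indexOf(":");
  if (sep < 0) return null;
  return { username: decoded.slice(0, sep), password: decoded.slice(sep + 1) };
}

// Constructed sample: anyone who can read the header recovers the password.
const sampleHeader = buildBasicAuth("alice", "s3cret:with:colons");
const recovered = parseBasicAuth(sampleHeader);
console.log(sampleHeader, "->", recovered);
```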

Authentication Plugin Examples

If you would like to see specific and detailed examples on how to use each of the various Authentication plugins, visit the Authentication Plugin Examples page.

Customize Your Authentication with Passport

You can further develop the code generated by Amplication to roll out your own authentication system.

Amplication uses the @nestjs/passport module as middleware to support authentication. Passport is a popular Node.js authentication library, widely used by the community.

Passport supports many authentication strategies available as npm modules, which you can implement in your generated project. You can easily integrate the library with a Nest application using the @nestjs/passport module.

Passport has a rich ecosystem of strategies that implement various authentication mechanisms.

Disable Authentication On Your Service

If you no longer need authentication on a specific service, you can disable it.

  1. Visit your service's Plugins page and toggle the NestJS Auth Module into the off state.
  2. Disable all other Authentication-related plugins listed in the available authentication plugins list.
  3. Delete the User entity from your list of entities.
  4. Re-build your project and commit your changes to your preferred git provider.

Create A Service Without Authentication

To create a service without authentication, do not install the authentication plugins.

When you are creating your service using our service creation onboarding wizard, you can optionally choose to create a service without authentication.

This is useful for a public-facing service that does not handle sensitive or personal information, where you want to allow access to anyone without the need for a login or password. Typical use cases include displaying public information, such as a public event or a weather forecast, and returning search results from a public database.

Alternatively, this might be useful when you need background services that don't expose endpoints to end users. The service may be part of a larger system where authentication is handled at a different level, such as a gateway or reverse proxy. Typical use cases include an organization's internal services communicating with each other, and public-facing APIs that do not require authentication.