Skip to main content

Authentication

General

Apps generated by Amplication contain authentication mechanisms based on the NestJS/Passport library.

Amplication apps include two built-in authentication methods:

  • HTTP
  • JWT (JSON Web Token)

Alternatively, you can use a custom authentication provider.

To select the preferred Authentication Method:

  1. Navigate to the Dashboard and click on Auth Settings.
  2. From the drop-down list, select JWT (default) or HTTP
tip

We recommend using JWT as a more secure alternative to HTTP authentication.

JWT Authentication

When generating an app with JWT authentication, the process includes the following two steps:

  1. Send a login request to the server with username and password to get back from the server the JWT token.
  2. Add an authentication header with the JWT token to every consecutive request.

Following are examples of how to log in with REST API and GRaphQL API.

Rest API

curl -X 'POST' \
'https://[server-url]/api/login' \
-H 'accept: */*' \
-H 'Content-Type: application/json' \
-d '{
"username": "admin",
"password": "admin"
}'

GraphQL API

mutation{
login(credentials:{
username:"admin"
password:"admin"
}){
accessToken
}
}

Header with JWT Included (example)

 Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJkYXRhIjoieW91IGFyZSBzb29vb28gY29vbCB0aGF0IHlvdSBjaGVjayB0aGF0ISIsIm5hbWUiOiJPZmVrIGdhYmF5IDspIiwiaWF0IjoxNTE2MjM5MDIyfQ.vaYJaP9SUlOU0u4NfFCRm5tmBVDKeCwvN6ByCkqJt8U

Basic HTTP Authentication

When using Basic HTTP, when sending a request to the API you must provide a Basic HTTP authentication header with the format:

Authorization: 'type' 'credentials'

where type is Basic and credentials is the Base64 encoding of a string "username:password".

For example:

Authorization: Basic YWRtaW46YWRtaW4=

By default, your app comes with one user with the username "admin" and password "admin".

tip

You can use a tool to create the header. There are several generators available, such as https://www.blitter.se/utils/basic-authentication-header-generator/

Read here to find out more: HTTP authentication.

Custom Authentication Provider

Amplication uses the @nestjs/passport module as middleware to support authentication. Passport is a popular node.js authentication library, widely used by the community.

Read this for more information: authentication with Nest