Are there any plans to support js ts
Are there any plans to support .js/.ts files for
convex.json?
It would be nice to be able to populate authInfo from environment variables, as its needed several places in the application as well (Expo config and ConvexProviderWithAuth0) and it also seems like it should be environment specific, so I can it attach to different auth instances for prod and dev.14 Replies
Hi! We have some plans to potentially iterate on the way projects are configured (incl convex.json) as well as iterating on auth and how it interacts with dev/prod.
Totally hear you about being able to populate authInfo differently for dev/prod. Noting it down.
You can import
convex.json from other parts of your app (it is valid js to do so).Today you can add multiple auth methods and choose the right one based on environment variables in your app
@nipunn I ran into some snags trying to expose the generated types as well as the json config from my convex app within a turborepo monorepo setup. Probably works better in a more basic setup.
@ballingt seems a bit fragile to be referencing environments by array index in json from the code.
ah that's fair, you might try avoiding importing from it at all
(using files like .env instead)
@ballingt that would be my preference, however, I'm not sure how Convex is utilizing the values in the json.
Thats why I wanted js/ts support for config, so I could populate from the same env vars
Yeah totally noted.
It's a fragile workaround with indexing. Not a wonderfully ergonomic way. It's something we're thinking about (dev/prod and authentication).
Am I correct in assuming the
authInfo in the config is used by convex in some way and not just for referencing by the client app?The important part is
npx convex auth add which tells the server about the auth. Currently you do need this convex.json file checked in (the CLI uses it to know which Convex project to use) but you should never need to edit it, and it's pretty much just for CLI use.
When there's just one auth method, and you're using a bundler that lets you import .json files, it's convenient to grab it from there but I would just use envvars for this or hardcode it in the app.
I do not thing authInfo is used locally at all, I believe it's cached state from the Convex server.https://docs.convex.dev/using/auth#configuring-convex for details! Key part is "to ensure that only valid identity tokens are accepted."
Authentication | Convex Developer Hub
Add authentication to your Convex app.
Yup thanks, been going through this. Just starting to think beyond the most basic use case.
FWIW, I'm comparing Convex against Supabase at the moment. Definitely seeing where convex excels, but auth in general has been orders of magnitude more difficult to get off the ground.
Would be great for easier adoption if there was more turnkey integrations available that were web/native agnostic.
Personally I would have opted for Google Identity Provider as I know it well and its very cost effective, however, it wasn't clear to me if it works with Convex and, if so, how to setup.
Auth0 (and competitors) bring a lot of uncertainty to my app as I have no visibility into cost as soon as I exceed 10k users (and up to that point, its not cheap either).
Supabase offering auth as a first-class citizen made onboarding much easier for sure.
@allen good feedback! better first-party auth support is on our roadmap. we're not satisfied with what we have here either
@allen for what it's worth, Google Identity provides OpenId, so should work similarly to Auth0 — we chose Auth0 for the examples because it was something we heard folks were familiar with.
Great to hear an example of this would be helpful
For clarity, Google Identity ≠ Google Identity Platform (Google's product naming, amiright...).
https://cloud.google.com/identity-platform/
Google Cloud
Identity Platform | Google Cloud
Add identity and access management functionality to your app, protect user accounts, and scale with confidence using a cloud-based CIAM platform.
While they explicitly state they offer OpenId as a federated provider (and charge quite a bit more for that integration) it wasnt clear to me if exposes the OpenId protocol back out for others to integrate against.