Custom JWT token for authentication
Hi, I have a question: Can we issue a JWT token directly in Convex and use it for authentication, without relying on any third-party authentication provider? I couldn’t find any documentation related to this.
12 Replies
Thanks for posting in <#1088161997662724167>.
Reminder: If you have a Convex Pro account, use the Convex Dashboard to file support tickets.
- Provide context: What are you trying to achieve, what is the end-user interaction, what are you seeing? (full error message, command output, etc.)
- Use search.convex.dev to search Docs, Stack, and Discord all at once.
- Additionally, you can post your questions in the Convex Community's <#1228095053885476985> channel to receive a response from AI.
- Avoid tagging staff unless specifically instructed.
Thank you!
Yes! An example of this is Convex Auth, a library that issues its own JWTs using Convex backend HTTP endpoints: https://labs.convex.dev/auth
Convex Auth - Convex Auth
Authentication library for your Convex backend
@ballingt after reading the docs, I still don't know how to create a custom token for authentication 🥲
@ChrisLi could you say more about what you want to do?
"Issue a JWT token directly in Convex a custom token" sounds like you'd like to mint a JWT
Context:
My website has another use case as a Discord activity. Outside Discord, I use Google login with Convex/auth. But in the Discord, it will send a code to my convex backend to get access token.
in this case, I have no idea of how to connect it with convex/auth, so I want to try to issue a custom token to the discord activity client.
manually manage the authentication, still want the ability to call const uid = await getAuthUserId(ctx); in functions
hope this makes sense
Yes this makes sense!
You'd have to look into how https://www.npmjs.com/package/@convex-dev/auth works to do this
since this isn't a supported auth strategy, you're writing your own auth at this point
but it shows a good example of how to do it
thanks!
issue a custom token to the discord activity clientsounds like you want Discord to validate this JWT for your users, yeah?
yep
and it will be validated by hitting happy-animal-123.convex.site/.well-known/something
ok, so jwt strategy is not supported by convex/auth, right?
I'm not sure what that means exactly but it sounds plausible
convex/auth only supports email, google, and like three other things
none of them are providing your own JWT
although the way all of them work is by minting a JWT
and it's your code that does this, that's what the library does
but yeah you need to change the library code, consider it an example