The core of most applications is the
user and access management. Your app will need some kind of
user identity to ensure
secure access and distribution of personalized resources across all of the user's devices.
Selfbits Authentication provides the required functionality to
authorize client users. It supports authentication using
social identity login with Facebook, Google, Slack and others. You can also allow your users to
anonymously sign in to generate a local and temporary user identity that can be
converted to an email/password account.
role based access management allows you to define access permissions. Every user is assigned a single role. Default roles are USER, ADMIN and ANONYMOUS but you can create custom roles and set their permissions.
Developer vs User: defining the terms
Before we dive deeper into the authentication processes, we want to define user centric terms that are used in this documentation.
- Developer: A person who created an account at Selfbits Platform. Developers are able to create and manage Selfbits Projects.
Selfbits Developer is used as a synonym.
- User: Represents the account of a user who signed up to an app that is powered by a Selfbits Project.
Selfbits User is used as a synonym.
- ADMIN (Role): One of three roles that are created for every Selfbits Project:
ANONYMOUS. If a developer creates a Selfbits Project, a new user with
ADMIN role is created using the developer's primary email address and a random password. By default, ADMIN Users are permitted full API access.
- USER (Role): The
USER role is assigned to new users by default.
- ANONYMOUS (Role): The
ANONYMOUS role is assigned to new users that signed up anonymously.
|Email/Password authentication||Allow users to signup and login with their email and password. Email duplicates are rejected.|
|Email verification||If you activate email verification in your project dashboard, we generate a verification email and send it from firstname.lastname@example.org to the user's email address.|
|Social signup and login||We support social providers that follow the OAuth2.0 standard like Facebook, Google, GitHub, Instagram, Bitbucket or Slack. Just add the social provider in your project dashboard and enter the credentials you received from your social authentication provider|
|Anonymous signup||You can create anonymous user accounts to access personalized resources without the need to enter credentials. Anonymous identities are temporary and bound to the device (mobile) or session (web). If anonymous users want to upgrade to a regular users, they can convert by entering email/password and keep their data|