Selfbits Authentication

The core of most applications is the user and access management. Your app will need some kind of user identity to ensure secure access and distribution of personalized resources across all of the user's devices.

Selfbits Authentication provides the required functionality to authenticate and authorize client users. It supports authentication using email/password and social identity login with Facebook, Google, Slack and others. You can also allow your users to anonymously sign in to generate a local and temporary user identity that can be converted to an email/password account.

Selfbits' role based access management allows you to define access permissions. Every user is assigned a single role. Default roles are USER, ADMIN and ANONYMOUS but you can create custom roles and set their permissions.

Developer vs User: defining the terms

Before we dive deeper into the authentication processes, we want to define user centric terms that are used in this documentation. - Developer: A person who created an account at Selfbits Platform. Developers are able to create and manage Selfbits Projects. Selfbits Developer is used as a synonym. - User: Represents the account of a user who signed up to an app that is powered by a Selfbits Project. Selfbits User is used as a synonym. - ADMIN (Role): One of three roles that are created for every Selfbits Project: ADMIN, USER, ANONYMOUS. If a developer creates a Selfbits Project, a new user with ADMIN role is created using the developer's primary email address and a random password. By default, ADMIN Users are permitted full API access. - USER (Role): The USER role is assigned to new users by default. - ANONYMOUS (Role): The ANONYMOUS role is assigned to new users that signed up anonymously.

Key Features

Feature Description
Email/Password authentication Allow users to signup and login with their email and password. Email duplicates are rejected.
Email verification If you activate email verification in your project dashboard, we generate a verification email and send it from no-reply@subdomain-api.selfbits.io to the user's email address.
Social signup and login We support social providers that follow the OAuth2.0 standard like Facebook, Google, GitHub, Instagram, Bitbucket or Slack. Just add the social provider in your project dashboard and enter the credentials you received from your social authentication provider
Anonymous signup You can create anonymous user accounts to access personalized resources without the need to enter credentials. Anonymous identities are temporary and bound to the device (mobile) or session (web). If anonymous users want to upgrade to a regular users, they can convert by entering email/password and keep their data