For an API only Phoenix Application I am looking for an authentication / user registration solution providing:
A. Email and password authentication.
B. Social authentication [Google, Apple, Facebook].
I think the best way to achieve this is by integrating Firebase Authentication or AWS Cognito into the project.
The question: how to do that? Any ideas?
Thank you
Update 2024-07-19
For now, I have forked this library (to update dependency versions):
This library can be used in order to decode a Firebase Auth Token and extract from it the Firebase UID. So I guess, I need to write my own code in order to use that Firebase UID to register or look up a user in my database. The Firebase UID can be used, I think, as a unique and primary key for my users table.
Once I decode the token and map the UID to my users table, I can then assign the user object to the conn and this way authorize him to perform certain actions.
Registration, changing passwords, using Facebook or Apple to sign in / up, can all be handled by Firebase.
Reasonable?
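The flow described in the update above (verify the token, map the UID to a user row, assign the user to the conn), sketched as a Plug. This is an added example, not part of the original posts and not code from any library mentioned in the thread. The module name and the two injected functions, `MyApp.Tokens.verify/1` and `MyApp.Accounts.get_or_create_by_firebase_uid/1`, are hypothetical and stand in for whatever token library and user context the application uses.

```elixir
defmodule MyAppWeb.Plugs.FirebaseAuth do
  @moduledoc """
  Added example: authenticate API requests carrying a Firebase ID token.

      plug MyAppWeb.Plugs.FirebaseAuth,
        verify: &MyApp.Tokens.verify/1,
        find_or_create: &MyApp.Accounts.get_or_create_by_firebase_uid/1
  """
  @behaviour Plug
  import Plug.Conn

  # Assumed contracts (hypothetical, supplied by the application):
  #   verify.(token)       -> {:ok, uid} | {:error, reason}
  #     must check signature, expiry, issuer and audience (project id)
  #   find_or_create.(uid) -> {:ok, user} | {:error, reason}
  @impl true
  def init(opts) do
    %{
      verify: Keyword.fetch!(opts, :verify),
      find_or_create: Keyword.fetch!(opts, :find_or_create)
    }
  end

  @impl true
  def call(conn, %{verify: verify, find_or_create: find_or_create}) do
    # The UID is taken only from the verified token, never from request params.
    with {:ok, token} <- bearer_token(conn),
         {:ok, uid} when is_binary(uid) and uid != "" <- verify.(token),
         {:ok, user} <- find_or_create.(uid) do
      assign(conn, :current_user, user)
    else
      # Fail closed with one generic response for every failure mode.
      _ -> unauthorized(conn)
    end
  end

  defp bearer_token(conn) do
    case get_req_header(conn, "authorization") do
      ["Bearer " <> token] when token != "" -> {:ok, token}
      _ -> {:error, :missing_token}
    end
  end

  defp unauthorized(conn) do
    conn
    |> put_resp_content_type("application/json")
    |> send_resp(401, ~s({"error":"unauthorized"}))
    |> halt()
  end
end
```

Back `find_or_create` with a unique index on the UID column so that two concurrent first requests from the same account cannot create duplicate rows.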
My suggestion wouldn’t be one of those hosted auth providers, but Stytch, since it’s an API-first auth provider with email and password auth, social auth and other integrations if you need them. Check out the docs and happy to answer any specific questions.
1 Like
As someone currently building an API-only Phoenix app, I recommend using phx.gen.auth for email and password authentication, though you’ll need to tweak it for an API-only approach.
A better option is to implement custom authentication using Guardian for token generation and verification, but this requires a good understanding of how to handle security.
If pricing is not a concern, consider options like Clerk. Most user management platforms won’t have SDKs for Elixir/Phoenix, so you’ll need to write custom integration code. I used Clerk in my project before switching to custom auth.
For social authentication, Ueberauth works well out of the box. You can find more about Ueberauth here.
Let me know if you have any questions.
1 Like
I did it last year with guardian, guardian_phoenix and ex_firebase_auth.
Still had to write a lot of code, both backend and frontend.
1 Like