{"_id":"56d1f33a00a2a70b00b365d2","__v":7,"user":"5564b8233b87582b003ab99b","version":{"_id":"56d1f33700a2a70b00b3658e","project":"5526c95cf69851170038b48f","__v":2,"createdAt":"2016-02-27T19:04:23.946Z","releaseDate":"2016-02-27T19:04:23.946Z","categories":["56d1f33900a2a70b00b3658f","56d1f33900a2a70b00b36590","56d1f33900a2a70b00b36591","56d1f33900a2a70b00b36592","56d1f33900a2a70b00b36593","56d1f33900a2a70b00b36594","56d1f33900a2a70b00b36595","56d1f33900a2a70b00b36596","56d1f33900a2a70b00b36597","56d1f33900a2a70b00b36598","56d1f33900a2a70b00b36599","56d1f33900a2a70b00b3659a","571f9497ada30c34003b7cee"],"is_deprecated":false,"is_hidden":false,"is_beta":true,"is_stable":true,"codename":"beta","version_clean":"2.0.0-beta","version":"2.0.0-beta"},"parentDoc":null,"project":"5526c95cf69851170038b48f","category":{"_id":"56d1f33900a2a70b00b36592","project":"5526c95cf69851170038b48f","version":"56d1f33700a2a70b00b3658e","pages":["56d1f33b00a2a70b00b365d3","56d1f33b00a2a70b00b365d4","56d1f33b00a2a70b00b365d5","56d1f33b00a2a70b00b365d6","56d1f33b00a2a70b00b365d7","56d1f33b00a2a70b00b365d8","56d1f33b00a2a70b00b365d9","56d1f33b00a2a70b00b365da","56d1f33b00a2a70b00b365db","56d1f33b00a2a70b00b365dc","56d5984cf612b80b00fb6997"],"__v":2,"sync":{"url":"","isSync":false},"reference":false,"createdAt":"2015-04-10T15:43:12.697Z","from_sync":false,"order":2,"slug":"ionic-user","title":"Ionic User"},"updates":[],"next":{"pages":[],"description":""},"createdAt":"2015-12-07T16:07:25.973Z","link_external":false,"link_url":"","githubsync":"","sync_unique":"","hidden":false,"api":{"results":{"codes":[]},"settings":"","auth":"required","params":[],"url":""},"isReference":false,"order":2,"body":"[block:callout]\n{\n  \"type\": \"danger\",\n  \"title\": \"Required Plugin\",\n  \"body\": \"This feature requires the InAppBrowser plugin. Run `ionic plugin add cordova-plugin-inappbrowser` to install it.\"\n}\n[/block]\nIf you would like to use your own authentication server, you can use the custom authentication provider type. A unique user ID will still be generated to identify the user in the Ionic Platform, and you will also need to provide your own ID to identify the user on your authentication server.\n[block:callout]\n{\n  \"type\": \"danger\",\n  \"body\": \"At the foundation of Ionic authentication are JSON Web Tokens ([JWTs](http://jwt.io/)). If you are unfamiliar with JWTs, we recommend you familiarize yourself with them in order to ensure a secure authentication system.\"\n}\n[/block]\nYour authentication endpoint will need to do the following:\n\n1. Verify the signature on an incoming token\n2. Keep track of `redirect_uri` and `state`, which are sent in the query string\n3. [Handle the authentication](#section-authenticate)\n4. Construct an outgoing token with a payload containing `user_id` with a string value of your ID (which will be stored in Ionic as `external_id`)\n5. Redirect to `redirect_uri` with `token` (the generated outgoing JWT you just constructed) and `state` (the parameter which Ionic uses to verify your redirect) in the query string of the redirect URL\n[block:callout]\n{\n  \"type\": \"info\",\n  \"title\": \"Looking for Examples?\",\n  \"body\": \"[These examples](https://github.com/driftyco/custom-auth-examples) (implemented in various web frameworks and languages) should help you get started using Custom Authentication.\"\n}\n[/block]\n## Add the integration details\n\nThe incoming and outgoing tokens both use the `Shared Secret` that you define in the **User Auth** section of the Ionic Platform app settings page.\n\nWhen a user attempts to login, they will be routed through Ionic to the `Endpoint` you define.\n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/TklHHauT1LgxhpiOdfyw_Screen%20Shot%202015-12-07%20at%2012.22.37%20PM.png\",\n        \"Screen Shot 2015-12-07 at 12.22.37 PM.png\",\n        \"1448\",\n        \"720\",\n        \"#557bba\",\n        \"\"\n      ]\n    }\n  ]\n}\n[/block]\n## Authenticate\n\nHandling the authentication process is really up to how your server handles authentication, but there are two main scenarios that we expect most developers will implement:\n\n* Providing a form in the app that will collect and pass information ultimately to your service.\n* Providing a form on your own website, or redirecting to some other form of authentication.\n\nUse the `custom` provider type to authenticate users with your server:\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"Ionic.Auth.login('custom', {'remember': true}).then(success, failure);\",\n      \"language\": \"javascript\"\n    }\n  ]\n}\n[/block]\nAs with `basic` authentication, `login` accepts a third parameter for additional data. In `custom` authentication, `data` is sent in the token payload that gets sent to your server.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"var authOptions = {'remember': true};\\nvar data = {'username': form.username, 'password': form.password};\\nIonic.Auth.login('custom', authOptions, data)\\n  .then(success, failure);\",\n      \"language\": \"javascript\"\n    }\n  ]\n}\n[/block]\nIf the above lines are unfamiliar to you, you should check out the [authenticating users](doc:user-authentication#section-authenticate-users) docs.","excerpt":"Authenticate your application users on your server","slug":"custom-authentication","type":"basic","title":"Custom Authentication"}

Custom Authentication

Authenticate your application users on your server

[block:callout] { "type": "danger", "title": "Required Plugin", "body": "This feature requires the InAppBrowser plugin. Run `ionic plugin add cordova-plugin-inappbrowser` to install it." } [/block] If you would like to use your own authentication server, you can use the custom authentication provider type. A unique user ID will still be generated to identify the user in the Ionic Platform, and you will also need to provide your own ID to identify the user on your authentication server. [block:callout] { "type": "danger", "body": "At the foundation of Ionic authentication are JSON Web Tokens ([JWTs](http://jwt.io/)). If you are unfamiliar with JWTs, we recommend you familiarize yourself with them in order to ensure a secure authentication system." } [/block] Your authentication endpoint will need to do the following: 1. Verify the signature on an incoming token 2. Keep track of `redirect_uri` and `state`, which are sent in the query string 3. [Handle the authentication](#section-authenticate) 4. Construct an outgoing token with a payload containing `user_id` with a string value of your ID (which will be stored in Ionic as `external_id`) 5. Redirect to `redirect_uri` with `token` (the generated outgoing JWT you just constructed) and `state` (the parameter which Ionic uses to verify your redirect) in the query string of the redirect URL [block:callout] { "type": "info", "title": "Looking for Examples?", "body": "[These examples](https://github.com/driftyco/custom-auth-examples) (implemented in various web frameworks and languages) should help you get started using Custom Authentication." } [/block] ## Add the integration details The incoming and outgoing tokens both use the `Shared Secret` that you define in the **User Auth** section of the Ionic Platform app settings page. When a user attempts to login, they will be routed through Ionic to the `Endpoint` you define. [block:image] { "images": [ { "image": [ "https://files.readme.io/TklHHauT1LgxhpiOdfyw_Screen%20Shot%202015-12-07%20at%2012.22.37%20PM.png", "Screen Shot 2015-12-07 at 12.22.37 PM.png", "1448", "720", "#557bba", "" ] } ] } [/block] ## Authenticate Handling the authentication process is really up to how your server handles authentication, but there are two main scenarios that we expect most developers will implement: * Providing a form in the app that will collect and pass information ultimately to your service. * Providing a form on your own website, or redirecting to some other form of authentication. Use the `custom` provider type to authenticate users with your server: [block:code] { "codes": [ { "code": "Ionic.Auth.login('custom', {'remember': true}).then(success, failure);", "language": "javascript" } ] } [/block] As with `basic` authentication, `login` accepts a third parameter for additional data. In `custom` authentication, `data` is sent in the token payload that gets sent to your server. [block:code] { "codes": [ { "code": "var authOptions = {'remember': true};\nvar data = {'username': form.username, 'password': form.password};\nIonic.Auth.login('custom', authOptions, data)\n .then(success, failure);", "language": "javascript" } ] } [/block] If the above lines are unfamiliar to you, you should check out the [authenticating users](doc:user-authentication#section-authenticate-users) docs.