Skip to main content

Sign Up

Altogic provides three methods to manage user accounts through the client library. You can sign up your app users using email, phone number or 3rd party oAuth provider (e.g., Google, Twitter, Facebook) based authentication flows.

Sign up users with email

You can create a new user with email and password by using signUpWithEmail method.

let email = "[email protected]";
let password = "12345%";
let name = "Luke";

//Sign up a new user with email and password
const result = await altogic.auth.signUpWithEmail(email, password);

//Sign up a new user with email, password and name
const result = await altogic.auth.signUpWithEmail(email, password, name);

//Sign up a new user with email, password and additional user data
const result = await altogic.auth.signUpWithEmail(email, password,
{ name: 'Luke',
surname: 'Skywalker',
title: 'Jedi'
});
Example response
{
"user": {
"_id": "623215f2b46a9b5bb144e5d4",
"provider": "altogic",
"providerUserId": "623215f2b46a9b5bb144e5d4",
"email": "[email protected]",
"signUpAt": "2022-03-16T16:53:06.237Z",
"lastLoginAt": "2022-03-16T16:53:06.237Z",
"emailVerified": false,
"name": "Rooby"
},
"session": null,
"errors": null
}
note

By default email verification is enabled in your App settingsAuthentication view of Designer.

  • Once you call this method, a verification email will be sent to the user with a link to click and this method returns the user data with a null session.
  • Until the user click this link, the email address will not be verified and a session will not be created.
  • If a user tries to sign in to an account where email has not been verified yet, an error message will be returned asking for email verification.

If you would like to change this, you can disable "Confirm email addresses" in your App settingsAuthentication view of Designer.

After the user clicks on the link in the confirmation email, Altogic verifies the verification token sent in the email and if the email is verified successfully redirects the user to the Redirect URL with an access_token.

tip

You can define the Redirect URL in your App settingsAuthentication view of Designer. Additionally you can override this value in your Environment details view for each environment.

http://localhost:3001/auth-redirect?status=200&access_token=0e55c6fa93ae4e8cbf6d57fa&action=email-confirm

You can use Redirect URL and this access_token to get authentication grants with getAuthGrant method, namely the user data and a new session object will be returned.

~ /page/auth-redirect.js
let accessToken = "0e55c6fa93ae4e8cbf6d57fa";

// After email address verified, you can get user and session data using the `access_token`
// If no `access_token` specified as input, tries to retrieve the accessToken from the
// browser url query string parameter named 'access_token'.

const result = await altogic.auth.getAuthGrant(accessToken);
Example response
{
"user": {
"_id": "6234a7210b72592107523c6c",
"provider": "altogic",
"providerUserId": "6234a7210b72592107523c6c",
"email": "[email protected]",
"signUpAt": "2022-03-18T15:37:05.835Z",
"lastLoginAt": "2022-03-18T16:35:13.693Z",
"emailVerified": true,
"name": "Rooby"
},
"session": {
"userId": "6234a7210b72592107523c6c",
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlb...",
"creationDtm": "2022-03-18T16:35:13.702Z",
"userAgent": {
"family": "Chrome",
"major": "99",
"minor": "0",
"patch": "4844",
"device": {
"family": "Other",
"major": "0",
"minor": "0",
"patch": "0"
},
"os": {
"family": "Mac OS X",
"major": "10",
"minor": "15",
"patch": "7"
}
},
"accessGroupKeys": []
},
"errors": null
}
note

If you would like to disable email verification, you can visit App settingsAuthentication view of Designer and disable "Confirm email addresses".

  • If email confirmation is disabled, a newly created session object with the user data will be returned immediately when you call the signUpWithEmail method.

If the email of a user cannot be authenticated, your frontend app will be redirected to the Redirect URL and an error message will be provided in the query string parameter named error.

http://localhost:3001/auth-redirect?status=400&action=email-confirm&error=Invalid+or+expired+access+token

Parameters

Here you can find the parameters for the signUpWithEmail method.

#

Name

Data type

Required

Description

1emailstringYesUnique email address of the user. If there is already a user with the provided email address then an error is raised.
2passwordstringYesPassword of the user, should be at least 6 characters long.
3name or user datastring or user object with key-value pairsNoName of the user or additional user data associated with the user that is being created in the database. Besides the name of the user, you can pass additional user fields with values (except email and password) to be created in the database.
tip

Altogic provides a default SMTP server that you can use to send emails.

  • There will be daily (100 emails/day) and monthly (1000 emails/month) quotas on the number of emails sent. You can define your own SMTP server not to be affected by the limits, and if you use Altogic's default SMTP server, all authorization-related emails will be sent from [email protected] email address.

  • You can customize email verification message template from App settingsAuthenticationMessage templatesConfirm Sign up Message view of the Designer.

Resend verification email

You can resend verification email to the user by calling the resendVerificationEmail method.

let email = "[email protected]";

// Resends verification email to the user
const { errors } = await altogic.auth.resendVerificationEmail(email);
note

If email confirmation is disabled in your App settingsAuthentication view of Designer or the email address of the user is already verified, it returns an error.

Parameters

Here you can find parameters for the resendVerificationEmail method.

#

Name

Data type

Required

Description

1emailStringYesThe email address of the user.

Sign up new users with phone number

You can create a new user with mobile phone number and password by calling signUpWithPhone method.

tip

If phone number verification is anabled, you need to make specific configuration at your SMS provider to use this method. Altogic currently supports Twilio, MessageBird and Vonage to send SMS.

You can customize verification sms message template from App settingsAuthenticationMessage templatesVerification SMS Message view of the Designer.

let number = "+15555555555";
let password = "12345%";
let name = "Luke";

// Sign up a new user with mobile phone number and password
const result = await altogic.auth.signUpWithPhone(number, password);

//Sign up a new user with mobile phone number, password and name
const result = await altogic.auth.signUpWithPhone(number, password, name);

//Sign up a new user with mobile phone number, password and additional user data
const result = await altogic.auth.signUpWithPhone(number, password,
{ name: 'Luke',
surname: 'Skywalker',
title: 'Jedi'
});

Example response
{
"user": {
"_id": "6234d2f60b72592107523c6d",
"provider": "altogic",
"providerUserId": "6234d2f60b72592107523c6d",
"phone": "+15555555555",
"signUpAt": "2022-03-18T18:44:06.878Z",
"lastLoginAt": "2022-03-18T18:44:06.878Z",
"phoneVerified": false,
"name": "Rooby"
},
"session": null,
"errors": null
}
note

By default phone number authentication is disabled in your App settingsAuthentication view of Designer. You can visit AuthenticationMobile phone authentication view to enable "Confirm phone number".

  • Once you call this method, a verification code will be sent to the phone over SMS and the client library returns the user data with a null session.
  • Until the user validates this code by calling verifyPhone, the phone number will not be verified.
  • If a user tries to sign in to an account where phone number has not been confirmed yet, an error message will be returned asking for phone number verification.

After user receives the verification code, you can use verifyPhone method to verify the phone number.

let phone = "+15555555555";
let code = "314159";

// Verify phone number using the verification code sent to the phone
// number over SMS and return the user and session data

const result = await altogic.auth.verifyPhone(phone, code);
Example response
{
"user": {
"_id": "6234d2f60b72592107523c6d",
"provider": "altogic",
"providerUserId": "6234d2f60b72592107523c6d",
"phone": "+15555555555",
"signUpAt": "2022-03-18T18:44:06.878Z",
"lastLoginAt": "2022-03-18T18:52:03.892Z",
"phoneVerified": true,
"name": "Rooby"
},
"session": {
"userId": "6234d2f60b72592107523c6d",
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbnZJZCI...",
"userAgent": {
"family": "Chrome",
"major": "99",
"minor": "0",
"patch": "4844",
"device": {
"family": "Other",
"major": "0",
"minor": "0",
"patch": "0"
},
"os": {
"family": "Mac OS X",
"major": "10",
"minor": "15",
"patch": "7"
}
},
"accessGroupKeys": []
},
"errors": null
}
note

If you would like to disable phone number verification, you can visit App settingsAuthentication view of Designer and disable "Confirm phone number ".

  • If phone number confirmation is disabled, a newly created session object and the user data will be returned immediately when you call the signUpWithPhone method.

Parameters

Here you can find parameters for the signUpWithPhone method.

#

Name

Data type

Required

Description

1phonestringYesUnique phone number of the user including country code.
If there is already a user with the provided phone number then an error is raised.
2passwordstringYesPassword of the user, should be at least 6 characters long.
3name or user datastring or user object with key-value pairsNoName of the user or additional user data associated with the user that is being created in the database. Besides the name of the user, you can pass additional user fields with values (except phone and password) to be created in the database.

Parameters for the verifyPhone method.

#

Name

Data type

Required

Description

1phonestringYesPhone number of the user including country code.
2codestringYesVerification code received from SMS provider.

Resend phone verification code

You can resend mobiel number verification SMS code to the user by calling the resendVerificationCode method.

let phone = "+15555555555";

// Resends verification email to the user
const { errors } = await altogic.auth.resendVerificationCode(phone);
note

If phone confirmation is disabled in your App settingsAuthentication view of Designer or the phone number of the user is already verified, it returns an error.

Parameters

Here you can find parameters for the resendVerificationCode method.

#

Name

Data type

Required

Description

1phoneStringYesPhone number of the user including country code.

Sign up new users with an oAuth provider

You can sign up a user with the oAuth2 flow of the provider by calling signInWithProvider method. Altogic currently supports Google, Facebook, Twitter, Github, and Discord as a provider and calling this method will redirect the user to the relevant login page of the provider.

tip

You need to make specific configuration at the provider to retrieve client id and client secret to use this method.

Please watch our videos that explain the specific configurations that you need to make at each provider.

Additionally, you need to add these client id and client secret values to your app's authentication settings using the App settingsAuthenticationAuthentication Provider view of the Designer.

let provider = "google";

// Sign in or sign up a user by using oAuth provider
// Provider name can be "google", "facebook", "twitter", "github", "discord"
altogic.auth.signInWithProvider(provider);

If the provider's sign in flow completes successfully, Altogic redirects the user to the Redirect URL with an access_token as query string parameter that you can use to fetch the authentication grants (e.g., user and session data).

http://localhost:3001/auth-redirect?status=200&access_token=0e55c6fa93ae4e8cbf6d57fadb211b35&action=oauth-signin
let accessToken = "0e55c6fa93ae4e8cbf6d57fadb211b35";

// after oAuth provider sign-in, you can get user and session data using the `getAuthGrant`
// If no `access_token` specified as input, tries to retrieve the accessToken from the
// browser url query string parameter named 'access_token'.

const response = await altogic.auth.getAuthGrant(accessToken);
Example response
{
"user": {
"_id": "62322099f067780cad32b034",
"provider": "google",
"providerUserId": "109847134298377823387",
"name": "Rooby",
"email": "[email protected]",
"profilePicture": "https://lh3.googleusercontent.com/a-/AOh14GhCpme...",
"signUpAt": "2022-03-16T17:38:33.169Z",
"lastLoginAt": "2022-03-16T19:36:27.733Z"
},
"session": {
"userId": "62322099f067780cad32b034",
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbnZJZCI6IjYyMzA0Y...",
"creationDtm": "2022-03-16T19:36:27.739Z",
"userAgent": {
"family": "Chrome",
"major": "99",
"minor": "0",
"patch": "4844",
"device": {
"family": "Other",
"major": "0",
"minor": "0",
"patch": "0"
},
"os": {
"family": "Mac OS X",
"major": "10",
"minor": "15",
"patch": "7"
}
},
"accessGroupKeys": []
},
"errors": null
}

Parameters

Here you can find parameters for the signInWithProvider method.

#

Name

Data type

Required

Description

1providerstringYesName of the oAuth2 provider, currently supporting google facebook twitter discord github