Guides

Quick start
Authenticate the user
- Use account password authentication
- Use SMS verification code authentication
- Use social login authentication
- Use scan code login authentication
- Certify in Mini Program
- Implement single sign-on (SSO)
- Single sign-on on the mobile terminal
- Multi-factor authentication (MFA)
- Extend the authentication process
- Personalize the guard
Authority management for users
Authorization
Manage user accounts
Manage User Directory
Management Application
Become a source of federal authentication identity
Connect to an external identity provider (IdP)
Open up WeChat ecology
Migrate users to Authing
Management organization
Expandable capabilities
Audit Log
Configure security information
Configure user pool information
Deployment plan
Frequently Asked Questions FAQs

¶ Extend the authentication process with Pipeline

Update Time: 2024-10-10 07:28:40

Authing Pipeline is a set of user defined JavaScript codes running in the cloud, allowing developers to extend and customize Authing capabilities.

Authing Pipeline functions are all user definable, and we also provide a wealth of function templates to help developers get started quickly.

Pipeline is a set of functions. The difference from ordinary Hooks is that the function data in the entire pipeline can be transferred to each other to achieve the performance as an industrial pipeline. This design pattern can make the developer's custom modular function which is easy to manage.

The back-end of Authing Pipeline uses a serverless architecture, and all user defined codes run in the cloud to ensure isolation between different tenants. Also, it can be elastically scaled, which not only ensures security, but also improves operating efficiency.

You can use Authing Pipeline to achieve the following functions:

Whitelist: Such as the whitelist of registered email suffixes, the whitelist of registered IPs, etc.
Event notification: Such as sending group notification after user registration, notification of user login IP exception, etc.
Privilege control: Such as adding users to a user group based on their email after logging in.
Extended user fields: such as adding custom Metadata to the requesting user.
Custom token: For example, add custom fields to the token.
... and more, the imagination is endless.

For example, through the following code, we can implement the logic of prohibiting registration of email that do not end with ** example.com **

async function pipe(user, context, callback) {
  const { email } = context.request.body;
  // 非邮箱注册方式
  if (!email) {
    return callback(null, user, context);
  }
  if (!email.endsWith("example.com")) {
    return callback(new Error("Access denied."));
  }
  return callback(null, user, context);
}

For more scenarios and detailed documents, please seehere。

Prev: Use a custom database to authenticate users Next: Use Webhook to monitor authentication events