Use 3rd party authentication server tokens
Hello there, I am fairly new to Appwrite and authentication in general, so this might be a stupid question. In my company we use Cidaas as an authentication server. Don't ask me why.. this was sadly not my decision π© Anyways, this Cidaas authentication comes with it's own OAuth client libraries for our Android and iOS project. We can already sign up/login/logout get the access token, refresh token and refresh those tokens just like it should. We are in a bit of a discussion with our backend team on who should deploy a server for storing app related data (e.g. user settings) - us or them. They do not want to have anything to do with it so it will inevitably rely on us. Since nobody in our team has massive knowledge of running a server, we are currently evaluating which platform to use for this type of task. So basically our question is: Can we configure Appwrite in some kind of way, so that it validates the access token from Cidaas before accessing the resources in the database? Of course this could be done via Functions, but maybe there is a better, built-in way for that?
I have seen that there is a built in JWT approach, but I am not entierly sure that this is what we want here in this case.
Of course this could be done via Functions, but maybe there is a better, built-in way for that?
Validation and authorization must be done server-side so if not an Appwrite Function, you'll need to have some other backend.
I would suggest passing the access token to whatever backend so that you can validate the token and then you can pass a token secret back to the app that can be exchanged for an Appwrite session. See https://appwrite.io/docs/products/auth/custom-token
