Stage:
General Availability
Available on self-hosted:
Yes
Third-Party Authentication allows Assistance APIs to trust JWTs issued by external authentication providers. Your existing auth system issues JWTs that Assistance verifies but doesn't create, enabling integration with Firebase Authentication, Auth0, or custom providers.
Key benefits
- Existing auth integration: Use your production auth system with Assistance APIs.
- No user migration: Avoid migrating users to Assistance Auth.
- Multi-provider support: Authenticate with multiple providers simultaneously.
- JWT verification: Assistance verifies tokens against provider signing keys.
- Works across Assistance: Compatible with Data APIs, Storage, and Realtime.
Requirements
Provider must use asymmetrically signed JWTs exposed as OIDC Issuer Discovery URL. JWTs must include kid header parameter for key identification.
Third-Party Authentication is valuable for:
- Production apps with established auth systems
- Firebase Authentication users migrating to Assistance
- Multi-provider authentication strategies
- Avoiding user migration during platform adoption
Limitations
Assistance Auth cannot be disabled. Symmetric keys (HS256) not currently supported. 30-minute delay for key rotation updates.
Third-Party Authentication bridges your existing auth system with Assistance's backend services.