Auth Providers

In this document, you’ll learn how the Auth Module handles authentication using providers.

What's an Auth Module Provider?#

An auth module provider handles authenticating customers and users, either using custom logic or by integrating a third-party service.

For example, the EmailPass Auth Module Provider authenticates a user using their email and password, whereas the Google Auth Module Provider authenticates users using their Google account.

Auth Providers List#

Emailpass

Google

GitHub

Configure Allowed Auth Providers of Actor Types#

By default, users of all actor types can authenticate with all installed auth module providers.

To restrict the auth providers used for actor types, use the authMethodsPerActor option in Medusa's configurations:

medusa-config.ts
1module.exports = defineConfig({2  projectConfig: {3    http: {4      authMethodsPerActor: {5        user: ["google"],6        customer: ["emailpass"],7      },8      // ...9    },10    // ...11  },12})

Important: When you specify the authMethodsPerActor configuration, it overrides the default. So, if you don't specify any providers for an actor type, users of that actor type can't authenticate with any provider.

How to Create an Auth Module Provider#

Refer to this guide to learn how to create an auth module provider.

Was this page helpful?

Edit this page