-
Notifications
You must be signed in to change notification settings - Fork 327
Projects API #2926
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Open
atharvadeosthale
wants to merge
28
commits into
main
Choose a base branch
from
projects-api
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Projects API #2926
Changes from 2 commits
Commits
Show all changes
28 commits
Select commit
Hold shift + click to select a range
c7d46c8
feat auth methods api
atharvadeosthale 22523cc
add missing page
atharvadeosthale 26b7433
remove announcement blog and changelog
atharvadeosthale c6097bd
platforms api docs
atharvadeosthale f129f7b
protocols and services docs + add scopes for other docs pages
atharvadeosthale ef9b09a
policies docs
atharvadeosthale e29dce5
move project to it's own project section
atharvadeosthale 9a8a762
mock phone api
atharvadeosthale c105ed4
Merge remote-tracking branch 'origin/main' into projects-api
atharvadeosthale b0cf281
docs: fix project enum class names and add mock-phones benefits
atharvadeosthale af15f30
chore: optimize project docs images to AVIF
atharvadeosthale 5447154
docs: add missing project SDK methods (ephemeral key, get platform, l…
atharvadeosthale 728e3a3
docs: add OAuth providers page to project section
atharvadeosthale 23c5e36
docs: move environment variables page from platform to project section
atharvadeosthale 4ac9ecf
docs: move project section under a new Platforms category
atharvadeosthale fc1e28a
chore: remove stray mock-phones-dark.png from repo root
atharvadeosthale 0e6cf9c
docs: add email templates page to project section
atharvadeosthale 376883d
docs: add SMTP page and required-scope info boxes to project section
atharvadeosthale fc98d28
docs: add project labels page and document project.get on overview
atharvadeosthale 5c071ba
docs: fix incorrect SDK method names and Node enum casing in project …
atharvadeosthale a8d6837
docs: document project.delete on the project overview
atharvadeosthale 2a40d9a
blog: add Projects API announcement
atharvadeosthale 81d1723
docs: add Project API journeys and platform-teams overview
atharvadeosthale 57e5e4a
Merge branch 'main' into projects-api
adityaoberai c14b70b
Merge branch 'main' into projects-api
atharvadeosthale e947780
Add password strength and email deny policies to Project API policies…
atharvadeosthale 5394143
Move Project API docs to the Partners section
atharvadeosthale 4fb5747
Trim Project API guides and add launch cover and dates
atharvadeosthale File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
294 changes: 294 additions & 0 deletions
294
src/routes/blog/post/announcing-auth-methods-api/+page.markdoc
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,294 @@ | ||
| --- | ||
| layout: post | ||
| title: "Announcing the Auth methods API: Toggle authentication methods programmatically" | ||
| description: Authentication methods can now be enabled or disabled directly through Appwrite Server SDKs. Provision project auth configuration from code, automate environment setup, and centralize policy across your projects. | ||
| date: 2026-04-29 | ||
| cover: /images/blog/announcing-auth-methods-api/cover.png | ||
| timeToRead: 4 | ||
| author: matej-baco | ||
| category: announcement | ||
| featured: false | ||
| callToAction: true | ||
| --- | ||
|
|
||
| Configuring which authentication methods a project supports has always meant opening the Appwrite Console, navigating to the Auth settings, and flipping toggles by hand. For a single project, that is fine. For teams managing multiple environments, bootstrapping new projects through automation, or enforcing consistent auth policy across an organization, it becomes another manual step that does not belong in modern infrastructure workflows. | ||
|
|
||
| Today, we are announcing the **Auth methods API**, allowing you to enable or disable individual authentication methods on your project programmatically through the Appwrite Server SDKs. | ||
|
|
||
| This is part of a wider effort to make everything in Appwrite accessible through the API. Our goal is to ensure that any action you can perform in the Appwrite Console can also be done programmatically, giving you full control over your projects through code. | ||
|
|
||
| # Why this matters | ||
|
|
||
| Authentication methods are the front door to your application. Whether your users sign in with email and password, magic URLs, one-time codes, or anonymous sessions, every method needs to match your product's security posture and rollout plan. Being able to toggle methods from code opens up workflows that were previously manual: | ||
|
|
||
| - **Infrastructure-as-code pipelines** that provision new projects with the exact set of auth methods they need | ||
| - **Multi-environment setups** that keep dev, staging, and production aligned without drift | ||
| - **Incident response** where a compromised method can be disabled instantly through automated runbooks | ||
| - **Multi-tenant platforms** that adjust available auth methods per customer based on their plan or compliance needs | ||
|
|
||
| # How it works | ||
|
|
||
| The Auth methods API introduces a single endpoint on the `Project` service that updates the enabled state of any supported method. Team invites are included alongside the authentication methods because they share the same project-level enable/disable mechanism in Appwrite. | ||
|
|
||
| The supported method IDs are: | ||
|
|
||
| | Method ID | Description | | ||
| | --- | --- | | ||
| | `email-password` | Email and password sign-up and login | | ||
| | `magic-url` | Passwordless login using a magic link sent to the user's email | | ||
| | `email-otp` | Time-based one-time password sent to the user's email | | ||
| | `phone` | SMS-based phone authentication | | ||
| | `anonymous` | Guest sessions for unauthenticated visitors | | ||
| | `invites` | Team invitations for collaborative access | | ||
| | `jwt` | JWT-based authentication for delegated access | | ||
|
|
||
| When a method is disabled, the matching account endpoints reject requests for that project until it is re-enabled. | ||
|
|
||
| ## Update an auth method | ||
|
|
||
| {% multicode %} | ||
|
greptile-apps[bot] marked this conversation as resolved.
|
||
| ```server-nodejs | ||
| import { Client, Project, AuthMethod } from 'node-appwrite'; | ||
|
|
||
| const client = new Client() | ||
| .setEndpoint('https://<REGION>.cloud.appwrite.io/v1') | ||
| .setProject('<PROJECT_ID>') | ||
| .setKey('<YOUR_API_KEY>'); | ||
|
|
||
| const project = new Project(client); | ||
|
|
||
| const result = await project.updateAuthMethod({ | ||
| methodId: AuthMethod.EmailPassword, | ||
| enabled: false | ||
| }); | ||
| ``` | ||
| ```server-deno | ||
| import { Client, Project, AuthMethod } from "npm:node-appwrite"; | ||
|
|
||
| const client = new Client() | ||
| .setEndpoint('https://<REGION>.cloud.appwrite.io/v1') | ||
| .setProject('<PROJECT_ID>') | ||
| .setKey('<YOUR_API_KEY>'); | ||
|
|
||
| const project = new Project(client); | ||
|
|
||
| const result = await project.updateAuthMethod({ | ||
| methodId: AuthMethod.EmailPassword, | ||
| enabled: false | ||
| }); | ||
| ``` | ||
| ```server-php | ||
| <?php | ||
|
|
||
| use Appwrite\Client; | ||
| use Appwrite\Services\Project; | ||
| use Appwrite\Enums\AuthMethod; | ||
|
|
||
| $client = new Client(); | ||
|
|
||
| $client | ||
| ->setEndpoint('https://<REGION>.cloud.appwrite.io/v1') | ||
| ->setProject('<PROJECT_ID>') | ||
| ->setKey('<YOUR_API_KEY>'); | ||
|
|
||
| $project = new Project($client); | ||
|
|
||
| $result = $project->updateAuthMethod( | ||
| methodId: AuthMethod::EMAILPASSWORD(), | ||
| enabled: false | ||
| ); | ||
| ``` | ||
| ```server-python | ||
| from appwrite.client import Client | ||
| from appwrite.services.project import Project | ||
| from appwrite.enums import AuthMethod | ||
|
|
||
| client = Client() | ||
| client.set_endpoint('https://<REGION>.cloud.appwrite.io/v1') | ||
| client.set_project('<PROJECT_ID>') | ||
| client.set_key('<YOUR_API_KEY>') | ||
|
|
||
| project = Project(client) | ||
|
|
||
| result = project.update_auth_method( | ||
| method_id=AuthMethod.EMAIL_PASSWORD, | ||
| enabled=False | ||
| ) | ||
| ``` | ||
| ```server-ruby | ||
| require 'appwrite' | ||
|
|
||
| include Appwrite | ||
| include Appwrite::Enums | ||
|
|
||
| client = Client.new | ||
| .set_endpoint('https://<REGION>.cloud.appwrite.io/v1') | ||
| .set_project('<PROJECT_ID>') | ||
| .set_key('<YOUR_API_KEY>') | ||
|
|
||
| project = Project.new(client) | ||
|
|
||
| response = project.update_auth_method( | ||
| method_id: AuthMethod::EMAIL_PASSWORD, | ||
| enabled: false | ||
| ) | ||
| ``` | ||
| ```server-dotnet | ||
| using Appwrite; | ||
| using Appwrite.Enums; | ||
| using Appwrite.Services; | ||
|
|
||
| Client client = new Client() | ||
| .SetEndPoint("https://<REGION>.cloud.appwrite.io/v1") | ||
| .SetProject("<PROJECT_ID>") | ||
| .SetKey("<YOUR_API_KEY>"); | ||
|
|
||
| Project project = new Project(client); | ||
|
|
||
| var result = await project.UpdateAuthMethod( | ||
| methodId: AuthMethod.EmailPassword, | ||
| enabled: false | ||
| ); | ||
| ``` | ||
| ```server-dart | ||
| import 'package:dart_appwrite/dart_appwrite.dart'; | ||
| import 'package:dart_appwrite/enums.dart' as enums; | ||
|
|
||
| Client client = Client() | ||
| .setEndpoint('https://<REGION>.cloud.appwrite.io/v1') | ||
| .setProject('<PROJECT_ID>') | ||
| .setKey('<YOUR_API_KEY>'); | ||
|
|
||
| Project project = Project(client); | ||
|
|
||
| final result = await project.updateAuthMethod( | ||
| methodId: enums.AuthMethod.emailPassword, | ||
| enabled: false, | ||
| ); | ||
| ``` | ||
| ```server-kotlin | ||
| import io.appwrite.Client | ||
| import io.appwrite.services.Project | ||
| import io.appwrite.enums.AuthMethod | ||
|
|
||
| val client = Client() | ||
| .setEndpoint("https://<REGION>.cloud.appwrite.io/v1") | ||
| .setProject("<PROJECT_ID>") | ||
| .setKey("<YOUR_API_KEY>") | ||
|
|
||
| val project = Project(client) | ||
|
|
||
| val result = project.updateAuthMethod( | ||
| methodId = AuthMethod.EMAIL_PASSWORD, | ||
| enabled = false | ||
| ) | ||
| ``` | ||
| ```server-java | ||
| import io.appwrite.Client; | ||
| import io.appwrite.coroutines.CoroutineCallback; | ||
| import io.appwrite.services.Project; | ||
| import io.appwrite.enums.AuthMethod; | ||
|
|
||
| Client client = new Client() | ||
| .setEndpoint("https://<REGION>.cloud.appwrite.io/v1") | ||
| .setProject("<PROJECT_ID>") | ||
| .setKey("<YOUR_API_KEY>"); | ||
|
|
||
| Project project = new Project(client); | ||
|
|
||
| project.updateAuthMethod( | ||
| AuthMethod.EMAIL_PASSWORD, | ||
| false, | ||
| new CoroutineCallback<>((result, error) -> { | ||
| if (error != null) { | ||
| error.printStackTrace(); | ||
| return; | ||
| } | ||
| System.out.println(result); | ||
| }) | ||
| ); | ||
| ``` | ||
| ```server-swift | ||
| import Appwrite | ||
| import AppwriteEnums | ||
|
|
||
| let client = Client() | ||
| .setEndpoint("https://<REGION>.cloud.appwrite.io/v1") | ||
| .setProject("<PROJECT_ID>") | ||
| .setKey("<YOUR_API_KEY>") | ||
|
|
||
| let project = Project(client) | ||
|
|
||
| let result = try await project.updateAuthMethod( | ||
| methodId: .emailPassword, | ||
| enabled: false | ||
| ) | ||
| ``` | ||
| ```server-go | ||
| package main | ||
|
|
||
| import ( | ||
| "fmt" | ||
| "github.com/appwrite/sdk-for-go/appwrite" | ||
| ) | ||
|
|
||
| func main() { | ||
| client := appwrite.NewClient( | ||
| appwrite.WithEndpoint("https://<REGION>.cloud.appwrite.io/v1"), | ||
| appwrite.WithProject("<PROJECT_ID>"), | ||
| appwrite.WithKey("<YOUR_API_KEY>"), | ||
| ) | ||
|
|
||
| project := appwrite.NewProject(client) | ||
| result, err := project.UpdateAuthMethod( | ||
| "email-password", | ||
| false, | ||
| ) | ||
|
|
||
| if err != nil { | ||
| panic(err) | ||
| } | ||
|
|
||
| fmt.Println(result) | ||
| } | ||
| ``` | ||
| ```server-rust | ||
| use appwrite::Client; | ||
| use appwrite::services::project::Project; | ||
| use appwrite::enums::AuthMethod; | ||
|
|
||
| #[tokio::main] | ||
| async fn main() -> Result<(), Box<dyn std::error::Error>> { | ||
| let client = Client::new() | ||
| .set_endpoint("https://<REGION>.cloud.appwrite.io/v1") | ||
| .set_project("<PROJECT_ID>") | ||
| .set_key("<YOUR_API_KEY>"); | ||
|
|
||
| let project = Project::new(&client); | ||
|
|
||
| let result = project.update_auth_method( | ||
| AuthMethod::EmailPassword, | ||
| false, | ||
| ).await?; | ||
|
|
||
| println!("{:?}", result); | ||
| Ok(()) | ||
| } | ||
| ``` | ||
| {% /multicode %} | ||
|
|
||
| The endpoint returns the updated [Project](/docs/references/cloud/models/project) document, with the new method state applied immediately. | ||
|
|
||
| # What is next | ||
|
|
||
| OAuth providers are configured separately today, through provider-specific settings such as app ID, secret, and redirect URI. Programmatic control over OAuth providers, including enabling and disabling them through the same Server SDKs, is on the roadmap and coming soon. | ||
|
|
||
| # Full SDK support | ||
|
|
||
| The Auth methods API is available across all Appwrite Server SDKs. Complete code examples for every supported language are available in the [Auth methods documentation](/docs/advanced/platform/auth-methods). | ||
|
|
||
| # Resources | ||
|
|
||
| - [Auth methods documentation](/docs/advanced/platform/auth-methods) | ||
| - [Authentication overview](/docs/products/auth) | ||
| - [Announcing the Keys API: Create and manage API keys with Server SDKs](/blog/post/announcing-api-keys-api) | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| --- | ||
| layout: changelog | ||
| title: "Auth methods API: toggle authentication methods with Server SDKs" | ||
| date: 2026-04-29 | ||
| cover: /images/blog/announcing-auth-methods-api/cover.png | ||
| --- | ||
|
|
||
| Authentication methods can now be enabled or disabled programmatically using the Appwrite server SDKs. The new `updateAuthMethod` endpoint on the `Project` service covers email/password, magic URL, email OTP, phone, anonymous sessions, JWT, and team invites. | ||
|
|
||
| This enables consistent auth configuration across environments, infrastructure-as-code project provisioning, and centralized policy enforcement without manual Console changes. | ||
|
|
||
| Programmatic control over OAuth providers is coming soon. | ||
|
|
||
| {% arrow_link href="/blog/post/announcing-auth-methods-api" %} | ||
| Read the announcement | ||
| {% /arrow_link %} |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.