Auth Module

Authentication Module

Everything you need for authentication

Authenticate admin users through identity providers and store user metadata for authorization purposes. Use multiple authentication methods and easily integrate with your preferred auth-providers.


Pre-built setup to handle access and permissions

Use your preferred authentication methods and providers to handle users and customers. Set up role-based access control and manage your users directly in the Medusa Admin.

Multiple authentication methods

Authenticate customers and admin users with different methods, such as email/password, OAuth, SAML, and more.

altText of the image

Manage users in your admin

Invite new admins to your team and manage your user settings directly in the Medusa Admin.

altText of the image

Customer account handling

Let customers create their own user accounts, which they can authorize and access via social logins.

altText of the image

RBAC and permissions

Store metadata about user authorizations to control permissions and set up role-based access control.

altText of the image

Use external authentication providers

Use authentication plugins to support external authentication providers like Google, Auth0, GitHub, and more.

altText of the image
User Story icon

User Story

Learn more

Multi-level access at Patyna.

Learn how Patyna built a marketplace with different user permissions for vendors and marketplace admins.


Custom user access and profiles

Extend the authentication entity with custom metadata fields for more granular user access control. Make your customizations manageable from the user profile page using widgets.

Custom user access types

Easily extend your user access with custom attributes to control permissions when managing the store.

altText of the image

Add custom user widgets

Use Widgets and the Medusa UI library to inject native-looking custom functionality into the User page of the Medusa Admin.

altText of the image

Authentication engine for your commerce operations

Manage authentication and authorization for users and customers of your Medusa store.

Pre-built authentication logic

  • Verify authentication claims made by users

  • Store and manage different authentication methods

  • Support email/password, OAuth, SAML, and more

  • Set up RBAC using metadata

  • Use to authenticate admin users and customers

  • Store metadata about the AuthUser’s authorization

  • Manage users directly in the admin

  • Use pre-built auth providers like Google

Connect and customize

  • Integrate with external auth providers

  • Add custom user access attributes

  • Rip and replace with your own custom system

  • Works with all Medusa modules

  • Use Workflows to connect with third-party systems

  • !

    Connect with own custom data models

  • !

    Add custom authentication or user widgets

  • !

    Use standalone along with your own systems

  • !

    Ships as standalone npm package


Get Started

Copy the command and get started with Medusa in 3 mins.