# Anonymous authentication

Anonymous authentication can be allowed by creating a custom strategy that returns the params that you would like to use to identify an authenticated user.

    Next, we create a hook called allow-anonymous that sets params.authentication if it does not exist and if params.provider exists (which means it is an external call) to use that anonymous strategy:

      This hook should be added before the authenticate hook wherever anonymous authentication should be allowed:

      all: [ allowAnonymous(), authenticate('jwt', 'anonymous') ],

      If an anonymous user now accesses the service externally, the service call will succeed and have params.anonymous set to true.

      Anything unclear or missing? Get help (opens new window) or Edit this page (opens new window)

      Last Updated: 10/7/2020, 7:58:43 PM