Authentication (Smart GWT EE API 13.0p (2026-01-27))

java.lang.Object
- com.smartgwt.client.util.Authentication

```
public class Authentication
extends java.lang.Object
```
The Authentication or Auth class represents a convenient, standard place to keep information about the currently logged in user and their assigned user roles.
The intended usage is that a server authentication system would require the user to log in, then provide data about the currently logged in user via Auth.setCurrentUser() and setRoles(). This data is then available in the Rule Scope so that components can use it to enable or disable or hide themselves, via properties such as FormItem.readOnlyWhen.
The format for user records is not explicitly defined or restricted by the Authentication subsystem but we recommend using the format described by getUserSchema().
Having a standardized user record allows application designers to rely on a well-known set of field names at design time, and then at deployment time when a particular authentication system is chosen, the deployer can simply fill in the standardized user record from the data that the chosen authentication system returns. This also allows authentication systems to be swapped out in the future without the need to change application code.
The DataSource returned by getUserSchema() is used solely for visual tools to help with application authoring.
It is not intended to be used directly to store and retrieve user data, and while we recommend this format it is not a requirement that user records conform to it.
There are no security implications to calling setRoles() or other APIs on the Authentication class. The provided data affects only client-side components. All actual security enforcement must be done server-side - see the QuickStart Guide, especially the sections on Declarative Security, to understand how role-based authorization can be used on the server.

Constructor Summary

Constructors
Constructor and Description

Authentication()

Constructors
Constructor and Description
`Authentication()`

Method Summary

All Methods Static Methods Concrete Methods
Modifier and Type	Method and Description
`static java.lang.String[]`	`getAvailableRoles()` Returns the full set of available user roles specified by `setAvailableRoles()`.
`static Record`	`getCurrentUser()` Returns the current user specified by `setCurrentUser()`.
`static java.lang.String`	`getCurrentUserId()` Convenience method to return the `"userId"` attribute of the `current user` if there is one.
`static java.lang.String[]`	`getRoles()` Returns the current set of user roles.
`static DataSource`	`getUserSchema()` Returns a DataSource describing the standard schema for user data.
`static java.lang.Boolean`	`hasRole(java.lang.String role)` Is the current user assigned to the specified role?
`static void`	`isSuperUser(java.lang.Boolean isSuperUser)` Has the current user been marked as a super-user via `setSuperUser()`?
`static void`	`setAvailableRoles(java.lang.String[] roles)` Specify the full set of available user roles.
`static void`	`setCurrentUser(Record user)` Set up the current user.
`static void`	`setRoles(java.lang.String[] roles)` Set the user roles for the current user.
`static void`	`setSuperUser(java.lang.Boolean isSuperUser)` Mark the current user as a super-user.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - Authentication
```
public Authentication()
```
- Method Detail
  - getAvailableRoles
```
public static java.lang.String[] getAvailableRoles()
```
    Returns the full set of available user roles specified by setAvailableRoles().
    
    Returns:
    
    full set of possible user roles.
  - getCurrentUser
```
public static Record getCurrentUser()
```
    Returns the current user specified by setCurrentUser().
    This method returns the user record currently available in the Canvas.ruleScope as "auth.currentUser".
    
    Returns:
    
    Record with attributes detailing the current user
  - getCurrentUserId
```
public static java.lang.String getCurrentUserId()
```
    Convenience method to return the "userId" attribute of the current user if there is one.
    
    Returns:
    
    userId attribute of the current user record if there is one.
  - getRoles
```
public static java.lang.String[] getRoles()
```
    Returns the current set of user roles. For super users this will be the intersection of any roles specified by setRoles() and the full set of available roles - otherwise it will be the set of roles specified by setRoles().
    Current set of user roles are available in the Canvas.ruleScope as a top-level property "userRoles", so that it can be used in criteria such as Canvas.visibleWhen or FormItem.readOnlyWhen.
    
    Returns:
    
    set of roles which apply to the current user
  - getUserSchema
```
public static DataSource getUserSchema()
```
    Returns a DataSource describing the standard schema for user data.
    The schema contains the following fields:
    
    Field Name Type
    
    "userId" "text"
    
    "email" "text"
    
    "firstName" "text"
    
    "lastName" "text"
    
    "title" "text"
    
    "phone" "phoneNumber"
    
    "superUser" "boolean"
    
    Returns:
    
    user schema dataSource
  - hasRole
```
public static java.lang.Boolean hasRole(java.lang.String role)
```
    Is the current user assigned to the specified role?
    
    Parameters:
    
    role - role to check in current roles
    
    Returns:
    
    true if the user has the role in its getRoles() list; false otherwise
    
    See Also:
    
    getRoles()
  - isSuperUser
```
public static void isSuperUser(java.lang.Boolean isSuperUser)
```
    Has the current user been marked as a super-user via setSuperUser()?
    
    Parameters:
    
    isSuperUser - New super user status
  - setAvailableRoles
```
public static void setAvailableRoles(java.lang.String[] roles)
```
    Specify the full set of available user roles.
    Note that if the current user has been marked as a superUser, getRoles() will return the full set of available roles.
    
    Parameters:
    
    roles - full set of possible user roles.
  - setCurrentUser
```
public static void setCurrentUser(Record user)
```
    Set up the current user. This method makes the user record available in the Canvas.ruleScope as "auth.currentUser".
    
    Parameters:
    
    user - Record with attributes detailing the current user
  - setRoles
```
public static void setRoles(java.lang.String[] roles)
```
    Set the user roles for the current user. Roles may be retrieved via getRoles().
    Calling setRoles() makes the specified set of user roles available in the Canvas.ruleScope as a top-level property "userRoles", so that it can be used in criteria such as Canvas.visibleWhen or FormItem.readOnlyWhen.
    Note that if this current user has been marked as a super-user, getRoles() will return the full set of available roles rather than the set of roles specified here.
    
    Parameters:
    
    roles - set of roles which apply to the current user
  - setSuperUser
```
public static void setSuperUser(java.lang.Boolean isSuperUser)
```
    Mark the current user as a super-user. This causes getRoles() to return the full set of available roles if specified
    
    Parameters:
    
    isSuperUser - New super user status

Field Name	Type
"userId"	"text"
"email"	"text"
"firstName"	"text"
"lastName"	"text"
"title"	"text"
"phone"	"phoneNumber"
"superUser"	"boolean"

Class Authentication

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

Authentication

Method Detail

getAvailableRoles

getCurrentUser

getCurrentUserId

getRoles

getUserSchema

hasRole

isSuperUser

setAvailableRoles

setCurrentUser

setRoles

setSuperUser