Phoenix Guide

Best Authentication for Phoenix (2026)

Compare the best authentication solutions for Phoenix. We review phx.gen.auth, Guardian, and third-party providers with Elixir integration.

Phoenix has excellent built-in authentication generators and JWT libraries. We've evaluated authentication solutions that work well with Elixir's functional patterns.

Pourquoi C'est Important

Phoenix's authentication generators provide secure defaults out of the box. Third-party providers add features like social login and MFA without complexity.

Considérations Clés

phx.gen.auth

Built-in generator creates complete auth system. Email/password, sessions, password reset. Secure by default.

Guardian JWT

Guardian is the standard JWT library for Elixir. Works with any token issuer. Good for APIs.

Plug-Based Auth

Phoenix uses plugs for auth middleware. Easy to integrate any provider with custom plugs.

LiveView Auth

LiveView has built-in auth patterns. Sessions work across HTTP and WebSocket connections.

Ueberauth

Ueberauth provides OAuth strategies for social login. Many provider strategies available.

Nos Recommandations

Auth0

Meilleur Géré Bon Support

Auth0 works with Phoenix via OIDC. Use Guardian to validate JWTs. 7,500 MAU free. Full-featured auth without managing users.

Use ueberauth_auth0 or validate JWTs with Guardian

Site Web → Documentation →

Clerk

Meilleure DX Bon Support

Clerk provides modern auth with great DX. Validate JWTs with Guardian. 10,000 MAU free. Best frontend components.

Validate Clerk JWTs with Guardian

Site Web → Documentation →

Supabase Auth

Meilleur Gratuit Bon Support

Supabase Auth works as JWT issuer. Validate with Guardian. 50,000 MAU free. Good value for Phoenix projects.

Validate Supabase JWTs with Guardian

Site Web → Documentation →

Keycloak

Meilleur Auto-hébergé Bon Support

Keycloak for enterprise self-hosted auth. OIDC works with Guardian. SAML, LDAP support. Free and open source.

Configure OIDC with Guardian

Site Web → Documentation →

Firebase Authentication

Meilleur Google Bon Support

Firebase Auth works with Guardian JWT validation. Google ecosystem integration. Generous free tier.

Validate Firebase JWTs with Guardian

Site Web → Documentation →

Comparaison Rapide

Service	TypeScript	Edge	Offre Gratuite	Temps de Configuration
Auth0	none	—	7,500 MAU	30 min
Clerk	none	—	10,000 MAU	25 min
Supabase Auth	none	—	50,000 MAU	25 min
Keycloak	none	—	Unlimited (self-host)	45 min
Firebase Authentication	none	—	50,000 MAU	30 min

Démarrage Rapide

Guardian JWT Validation lib/my_app_web/auth/guardian.ex

defmodule MyAppWeb.Guardian do
  use Guardian, otp_app: :my_app

  def subject_for_token(user, _claims) do
    {:ok, to_string(user.id)}
  end

  def resource_from_claims(claims) do
    user = MyApp.Accounts.get_user!(claims["sub"])
    {:ok, user}
  rescue
    Ecto.NoResultsError -> {:error, :resource_not_found}
  end
end

Modèles d'Intégration Courants

phx.gen.auth + Guardian

Built-in session auth for web, Guardian for API tokens.

Auth0 + LiveView

Auth0 for authentication, session tokens for LiveView.

auth0

Ueberauth + Social Login

Ueberauth strategies for Google, GitHub, Twitter, etc.

Questions Fréquemment Posées

Should I use phx.gen.auth or a third-party provider? ▼

Use phx.gen.auth for simple email/password with full control. Use third-party providers (Auth0, Clerk) for social login, MFA, and enterprise features.

How do I add social login to Phoenix? ▼

Use Ueberauth with provider strategies (ueberauth_google, ueberauth_github). Configure in config.exs, add routes and callbacks.

How does auth work with LiveView? ▼

LiveView mounts with session data. Use on_mount hooks to verify user. Session-based auth works across HTTP and WebSocket.

What's the best free auth for Phoenix? ▼

phx.gen.auth is free and built-in. For managed: Supabase Auth (50,000 MAU free), Clerk (10,000 MAU free).

Guides Connexes

Phoenix database Phoenix hosting Ruby on Rails auth

Comparer en Détail

Dernière mise à jour: January 11, 2026