#custom auth integration

I'm looking through medusa docs but i'm a bit stuck on what the best path forward is for me to integrate medusa with our existing auth service.

We use cookie based auth where a client will talk to a separate auth microservice, acquire a cookie, and downstream services (incl medusa) will be sent requests with this cookie.

We just need to grab the cookie, verify it to determine the user and authenticate the request.

Medusa's auth implementation seems very standalone, and i can't find a nice way to integrate it into our stack with the existing system - hence I'm reaching out here.

We shouldn't need to do token exchanges, or custom register / login / logout routes on medusa. We just need a simple way to populate the auth context based on our cookie.

Hey @shell rapids! You can achieve this by creating a custom middleware in Medusa that reads your auth cookie on each request, verifies it with your auth service and then attaches the user info to the request context. This way, you don’t need to touch Medusa’s built-in auth routes you are just letting your existing cookie based system handle authentication and Medusa can operate with the user info provided by your middleware.

Thanks @elder wren - i'll have a shot at this. Any chance you have some further reading / docs etc I can dive into?