Ember and Sails authentication options

What are the possible ways of authenticating an Ember app with a Sails backend? This is an overview of the current offer of tools and addons available for session and token based authentication.

    1. Passport
    2. Waterlock
  1. Sane Stack
    1. sane-auth
  2. TL;DR

In the past I've used succesfully Ember Simple Auth (ESA), so I'll default to it. The question is now reduced to: What will I use in Sails to be able to talk to ESA?


A Express compatible authentication middleware. The library is designed to be very flexible, also framework and database agnostic. It is a mature tool that can do much more than other packages.

Since Sails is built on top of Express, this will work, an example can be found at: sails-authorization Also, in how-to-sane you'll find a Passport + ESA + OAuth2 solution.

Other Passport based packages: sails-auth, sails-generate-auth


Provides user authentication for Sails with JSON web tokens (JWT). This tool was built exclusively for Sails and relies on jwt-simple.

Sane Stack

Chances are that you are using Sane. The latest version, 0.1.0-beta.1, introduces a feature that allows you to install addons.


A Sane addon that provides basic authentication for the full stack. Under the hood its using express-jwt + ESA + OAuth2.

This package is a machinepack, that is the name given to NPM modules that comply to a standarized interface described in node-machine.org

You'll find a usage example and a more detailed explanation of how it works in Sane-Auth example.


If you are working with Sails and Ember, the assumption is that your backend works as a RESTful API, all you need is one of these:

If for some reason you have extra requirements (e.x. need a session) look into this: