As is discussed in other issues like #1446, most applications will use the same database for User and other tables, thus the authentication server will share the access to the same database with hasura backend. So it will be good to have an optional built-in authentication endpoint in the hasura graphql engine.

One option is to have a customizable authenticate function similar to what graphile use in postgre db.