# Native Authentication

### What you get

* **Ready-to-use auth**: sign-up, login, logout — no custom build required.
* **Protected routes**: toggle-on shields to require login for pages or backend functions.
* **Password reset & session management** out of the box.

### Typical tasks

* **Gate a page/endpoint:** flip the protection toggle (shield) to “require login.”
* **Make something public:** turn protection off (useful for marketing or health endpoints).
* **Test the flow:** visit a protected page — you’ll be prompted to sign up/sign in automatically.

### How it fits together

* **Auth UI** (sign-up/login/reset) is provided.
* **Sessions** persist across app usage; protected routes check session state.
* **Access control** is per page/feature; you decide what’s public vs. members-only.

### Good patterns

* Default to **protected** for anything that reads/writes user data.
* Keep secrets and tokens on the server; call external APIs from the backend, not the browser.
* Pair auth with DB roles in your code (only fetch the current user’s records).

### FAQ

<details>

<summary><strong>Do I have to build my own login UI?</strong></summary>

No - native forms are included.

</details>

<details>

<summary><strong>Can I switch a page back to public later?</strong></summary>

Yes - toggles let you enable/disable auth per page or feature.

</details>

<details>

<summary><strong>Where do I see my users?</strong></summary>

In [**Users & Data**](/archive/features-legacy-databutton-web-app-builder/workspace-features/database-and-users.md), alongside your tables.

</details>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.riff.ai/archive/features-legacy-databutton-web-app-builder/native-authentication.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.