search
Build with Riff

shield-checkNative Authentication

Protect what matters with native email/password auth and one-click route protection. You focus on features; the platform handles sign-up, login, sessions, and resets.

hashtag
What you get

  • Ready-to-use auth: sign-up, login, logout — no custom build required.

  • Protected routes: toggle-on shields to require login for pages or backend functions.

  • Password reset & session management out of the box.

hashtag
Typical tasks

  • Gate a page/endpoint: flip the protection toggle (shield) to “require login.”

  • Make something public: turn protection off (useful for marketing or health endpoints).

  • Test the flow: visit a protected page — you’ll be prompted to sign up/sign in automatically.

hashtag
How it fits together

  • Auth UI (sign-up/login/reset) is provided.

  • Sessions persist across app usage; protected routes check session state.

  • Access control is per page/feature; you decide what’s public vs. members-only.

hashtag
Good patterns

  • Default to protected for anything that reads/writes user data.

  • Keep secrets and tokens on the server; call external APIs from the backend, not the browser.

  • Pair auth with DB roles in your code (only fetch the current user’s records).

hashtag
FAQ

chevron-rightDo I have to build my own login UI? hashtag

No - native forms are included.

chevron-rightCan I switch a page back to public later? hashtag

Yes - toggles let you enable/disable auth per page or feature.

chevron-rightWhere do I see my users? hashtag

In Users & Data, alongside your tables.

PreviousAgent Planning ModeNextNative Database

Last updated

Was this helpful?