Auth & access
Auth & access
App user sign-in, workspaces, and ACL-based permissions.
App user authentication
How your app's end-users sign in — email/password and OAuth (Google, Okta/Auth0) — and what the app JWT carries.
Multi-tenancy & workspaces
Choose single or multi tenancy, understand how the active workspace is resolved into the JWT, and how users join or switch workspaces.
ACL, roles & groups
Permissions for app users come only from ACL policies — attached directly or via groups. Roles are labels. Manage it all with the normal entity API.