Homefetching auth providers...
Authentication status checker
△
Each section below displays content relevant to login status and role
This content is visible to all users and roles
This content is visible to anonymous users only
Syntapse +
+ NextAuth
This website has a single purpose: to demonstrate NextAuth.js as a foundation for simple, secure, highly extensible session management, user login and registration. NextAuth only manages authentication, so additional account management features have been included to show how it fits into a complete account management scheme.
Modal dialogs have been introduced to improve UX for login at the point of engagement. Out of the box NextAuth provide default pages to sign in and out using a variety configured OAuth servicess,
Click the login button to register or sign in to a Syntapse account or a variety of id providers
Features At a Glance
NextAuth features
- Multi vendor login and authentication
- Support dozens of OAUTH login providers out-of-the-box
- Supports JWT and session (db) login policies (JWT by default)
The following features out of scope for NextAuth, but included in this site to provide full account management services and improved UX.
Basic site navigation
- Login and logout with modal dialogs for improved UX.
- Example user Profile page. Displays profiles of authenticated users.
- Example admin dashboard page. Redirects to home for anonymous users.
Additional Security Features
- Sign in with social network credentials or register with Syntapse using email verified registration and 2FA login.
- First-time login with an external provider will create a local account with the same credentials for account and profile management.
- Each external login will create a separate local account.
- Syntapse will never ask for or store third party passwords but maintains social ids and emails.
- Email notifications can be sent on any system event according to any set of business rules.
Role based authentication
- Logging in via an Oauth provider creates a local authenticated account which is used for all subsequent logins.
- The default NextAuth session is intercepted at login and replaced with a local user account.
- No additional password or security data is required for full account access as provider credentials are sufficient to uniquely identify users.
- By implementing the above this site provides easily extendible authenticated and Role based access and permissions.