[{"data":1,"prerenderedAt":225},["ShallowReactive",2],{"content-query-oQINClMiTY":3},{"_path":4,"_dir":5,"_draft":6,"_partial":6,"_locale":7,"title":8,"description":9,"sidebar_position":10,"body":11,"_type":219,"_id":220,"_source":221,"_file":222,"_stem":223,"_extension":224},"/docs/features/auth","features",false,"","Authentication & Security","CredVault provides a robust, enterprise-grade authentication system designed to secure your data while remaining incredibly frictionless for your users.",1,{"type":12,"children":13,"toc":208},"root",[14,22,27,34,39,46,51,57,62,68,73,109,115,120,163,169,174],{"type":15,"tag":16,"props":17,"children":19},"element","h1",{"id":18},"authentication-security",[20],{"type":21,"value":8},"text",{"type":15,"tag":23,"props":24,"children":25},"p",{},[26],{"type":21,"value":9},{"type":15,"tag":28,"props":29,"children":31},"h2",{"id":30},"authentication-methods",[32],{"type":21,"value":33},"Authentication Methods",{"type":15,"tag":23,"props":35,"children":36},{},[37],{"type":21,"value":38},"We support several authentication methods that can be used independently or in combination to secure your applications:",{"type":15,"tag":40,"props":41,"children":43},"h3",{"id":42},"_1-email-password",[44],{"type":21,"value":45},"1. Email & Password",{"type":15,"tag":23,"props":47,"children":48},{},[49],{"type":21,"value":50},"The traditional authentication method, bolstered by rigorous password hashing (bcrypt) and Brute-Force protection.",{"type":15,"tag":40,"props":52,"children":54},{"id":53},"_2-social-authentication-google-oauth",[55],{"type":21,"value":56},"2. Social Authentication (Google OAuth)",{"type":15,"tag":23,"props":58,"children":59},{},[60],{"type":21,"value":61},"Allow users to sign in with their existing Google accounts. This heavily reduces friction during onboarding and increases conversion rates. Configured seamlessly via your Dashboard.",{"type":15,"tag":40,"props":63,"children":65},{"id":64},"_3-webauthn-passkeys-biometrics",[66],{"type":21,"value":67},"3. WebAuthn (Passkeys & Biometrics)",{"type":15,"tag":23,"props":69,"children":70},{},[71],{"type":21,"value":72},"CredVault provides out-of-the-box support for the WebAuthn standard. This allows users to authenticate using biometric sensors (TouchID, FaceID) or hardware security keys (YubiKey) for unphishable security.",{"type":15,"tag":74,"props":75,"children":76},"ul",{},[77,89,99],{"type":15,"tag":78,"props":79,"children":80},"li",{},[81,87],{"type":15,"tag":82,"props":83,"children":84},"strong",{},[85],{"type":21,"value":86},"FIDO2 Certified",{"type":21,"value":88},": Fully compliant with FIDO2 standards.",{"type":15,"tag":78,"props":90,"children":91},{},[92,97],{"type":15,"tag":82,"props":93,"children":94},{},[95],{"type":21,"value":96},"Biometric 2FA",{"type":21,"value":98},": Use as a second factor instead of insecure SMS OTPs.",{"type":15,"tag":78,"props":100,"children":101},{},[102,107],{"type":15,"tag":82,"props":103,"children":104},{},[105],{"type":21,"value":106},"Passwordless",{"type":21,"value":108},": Coming soon, the ability to completely drop passwords for WebAuthn passkeys.",{"type":15,"tag":28,"props":110,"children":112},{"id":111},"advanced-security-policies",[113],{"type":21,"value":114},"Advanced Security Policies",{"type":15,"tag":23,"props":116,"children":117},{},[118],{"type":21,"value":119},"Administrators have extensive control over how users access the system:",{"type":15,"tag":74,"props":121,"children":122},{},[123,133,143,153],{"type":15,"tag":78,"props":124,"children":125},{},[126,131],{"type":15,"tag":82,"props":127,"children":128},{},[129],{"type":21,"value":130},"Session Management",{"type":21,"value":132},": Automatically invalidate concurrent sessions or enforce idle timeouts.",{"type":15,"tag":78,"props":134,"children":135},{},[136,141],{"type":15,"tag":82,"props":137,"children":138},{},[139],{"type":21,"value":140},"MFA Enforcement",{"type":21,"value":142},": Force all users or specific roles to enable Multi-Factor Authentication (OTP or WebAuthn).",{"type":15,"tag":78,"props":144,"children":145},{},[146,151],{"type":15,"tag":82,"props":147,"children":148},{},[149],{"type":21,"value":150},"IP Allowlisting",{"type":21,"value":152},": Restrict API and Dashboard access to specific corporate IP addresses.",{"type":15,"tag":78,"props":154,"children":155},{},[156,161],{"type":15,"tag":82,"props":157,"children":158},{},[159],{"type":21,"value":160},"Audit Logging",{"type":21,"value":162},": Every authentication event (success, failure, MFA challenge) is recorded immutably in your account's Audit Log for compliance reporting.",{"type":15,"tag":28,"props":164,"children":166},{"id":165},"best-practices",[167],{"type":21,"value":168},"Best Practices",{"type":15,"tag":23,"props":170,"children":171},{},[172],{"type":21,"value":173},"When integrating CredVault Authentication into your applications:",{"type":15,"tag":175,"props":176,"children":177},"ol",{},[178,188,198],{"type":15,"tag":78,"props":179,"children":180},{},[181,186],{"type":15,"tag":82,"props":182,"children":183},{},[184],{"type":21,"value":185},"Always use HTTPS",{"type":21,"value":187},". Tokens sent over unencrypted connections can be intercepted.",{"type":15,"tag":78,"props":189,"children":190},{},[191,196],{"type":15,"tag":82,"props":192,"children":193},{},[194],{"type":21,"value":195},"Never store API keys in frontend code",{"type":21,"value":197},". Use short-lived Bearer tokens for client applications and keep API keys strictly on your secure backend.",{"type":15,"tag":78,"props":199,"children":200},{},[201,206],{"type":15,"tag":82,"props":202,"children":203},{},[204],{"type":21,"value":205},"Use our official SDKs",{"type":21,"value":207},". They automatically handle token refreshing and secure storage best practices.",{"title":7,"searchDepth":209,"depth":209,"links":210},2,[211,217,218],{"id":30,"depth":209,"text":33,"children":212},[213,215,216],{"id":42,"depth":214,"text":45},3,{"id":53,"depth":214,"text":56},{"id":64,"depth":214,"text":67},{"id":111,"depth":209,"text":114},{"id":165,"depth":209,"text":168},"markdown","content:docs:features:auth.md","content","docs/features/auth.md","docs/features/auth","md",1777847380895]