Authenticating
Choosing an Auth Method
How to decide which auth method is right for your docs
Before your users can access personalized content, they must be authenticated. Mintlify supports three methods of authenticating users:
- Shared Session: Utilize the same session token used by your dashboard to authenticate users.
- JWT: Use your own login flow to send user info to your docs via a JWT in the URL.
- OAuth 2.0: Integrate with your OAuth server to enable user login via the PKCE flow.
Prerequisites
- You have a dashboard or other user portal hosted at your domain.
- Your users’ session credentials are stored as cookies.
- You can create a new API endpoint at the same origin or a subdomain of your dashboard.
- If your dashboard is at
foo.com
, the API URL must start withfoo.com
or*.foo.com
- If your dashboard is at
dash.foo.com
, the API URL must start withdash.foo.com
or*.dash.foo.com
- If your dashboard is at
- Your docs are hosted at the same domain as your dashboard.
- If your dashboard is at
foo.com
, your docs must be hosted atfoo.com
or*.foo.com
- If your dashboard is at
*.foo.com
, your docs must be hosted atfoo.com
or*.foo.com
- If your dashboard is at
Pros & Cons
Pros:
- Users that are logged into your dashboard are automatically logged into your docs
- Your users’ sessions are persistent, meaning you can refresh data without requiring additional login
- Minimal setup required
Cons:
- Your docs will make a request to your backend, which may be undesirable
- You must have a dashboard that uses session authentication
- CORS configuration is usually required
Was this page helpful?