What authentication methods does Anythink support?

Anythink supports JWT token-based authentication with access and refresh tokens, API key authentication via X-Api-Key headers, and Google OAuth 2.0 social login. Users can register, log in, and manage sessions through the built-in auth endpoints.

Can I add Google Sign-In to my app?

Yes. Anythink has built-in Google OAuth 2.0 integration. You configure your Google client ID and client secret in the dashboard, and Anythink handles the OAuth callback flow, token exchange, and user creation automatically.

How does token management work?

When a user logs in, Anythink issues a JWT access token and a refresh token. The access token is used for API requests. When it expires, the refresh token can be exchanged for a new access token without requiring re-login. You can also use API keys for server-to-server authentication.

Can I manage user roles and permissions through authentication?

Yes. Every user is assigned a role, and roles carry permissions that control access to specific entities and operations. You can create custom roles, assign them to users, and control what each role can see and do — down to the field level.

Authentication

User Management,Deeply integrated

Logging in users and keeping their data safe is super important, and 3rd party authentication products can create disjointed experiences. Anythink lets you authenticate your users safely with seamless integration into your products

Try Free See the Docs

Live demo

Everything You Need for Secure User Management

From simple logins to enterprise-grade security, handle all your user authentication needs with seamless integration into your applications

Authentication Methods

Email/password, magic links and API keys

Authorisation

Role-based access control (RBAC), custom permissions, field-level security

Access Control

Role based access, JWT tokens, session management, API key management with expiration

JWT Token Management

Industry-standard JSON Web Tokens with configurable expiration and refresh capabilities. Secure, stateless authentication that works seamlessly with mobile apps and single-page applications.

API Key System

Generate and manage API keys for service-to-service authentication. Set expiration dates, assign specific permissions, and revoke access instantly when needed.

Field-Level Security

Control access down to individual database fields and records. Perfect for multi-tenant applications where different users need access to different data sets.

User Relationships & Data Integration

Users aren't just accounts - they're part of your data model. Link users directly to any content, create ownership hierarchies, and build applications where user identity is deeply woven into your business logic and data relationships.

Authentication Methods

Email/password, magic links and API keys

01 / 07

In Practice

Auth that ships with your app, not after it

const { user, token } = await client.auth.signUp({
  email: 'alice@example.com',
  password: 'secure-password',
  metadata: { name: 'Alice', plan: 'starter' }
})

// User is created and signed in.
// Token is ready for API requests immediately.

What you can build

Multi-tenant SaaS with team accounts

Users belong to organisations. Organisations have roles. Roles control what each user can see and do. Anythink's auth and RLS handle all of this — you model it once in the dashboard and it enforces everywhere.

Consumer apps with Google sign-in

Add Google OAuth in two clicks — no OAuth flow to implement, no token handling to write. Users get a one-tap sign-in experience. You get a verified identity, a persistent session, and metadata stored alongside the user record.

Protect any route with a single middleware call

Pass the user's token to the SDK and get back a verified identity. Redirect unauthenticated users, gate access by role, and keep your routes clean — without building auth logic from scratch.

Frequently Asked Questions

Still have questions?

Get in Touch

Ready to go?

Create an account and start building

Let's go

User Management,Deeply integrated

Everything You Need for Secure User Management

Authentication Methods

Authorisation

Access Control

JWT Token Management

API Key System

Field-Level Security

User Relationships & Data Integration

Auth that ships with your app, not after it

Multi-tenant SaaS with team accounts

Consumer apps with Google sign-in

Protect any route with a single middleware call

Frequently Asked Questions

Ready to go?

Product

Solutions

For me?

Get Started