Skip to main content
Version: v0.15

Getting Started

Conduit provides authentication for your application in a simple yet powerful way. Accounts can be created through email and password, or through a third party. Magic links are also supported for passwordless authentication.


# Option A: Just give me a barebones setup of the latest Conduit release (includes Authentication)
npx @conduitplatform/cli deploy

# Option B: I wish to bring up extra modules and perform some basic configuration
npx @conduitplatform/cli deploy --config

At this point, you should have a functional Authentication instance.

Now let's provide some basic information for starting using the Authentication module.

Create a user

A Conduit user is a representation of a person that can interact with the system.
A user can be created through the following request:

Create User Request
# Creates a new user using email/password.
# An optional invitation code can be provided to create a user with a specific role.
# A valid email must be given.

curl --location --request POST 'http://localhost:3000/authentication/local/new' \
--header 'Content-Type: application/json' \
--data-raw '{
"email": "",
"password": "pass"
} '

The following response will be returned:

Create User Response
"user": {
"email": "",
"active": true,
"isVerified": false,
"hasTwoFA": false,
"createdAt": "2022-12-02T13:08:36.696Z",
"updatedAt": "2022-12-02T13:08:36.696Z",
"_id": "6389f8d445d164a022897845",
"__v": 0

We have now created our first user. Let's see how we can authenticate with it.


Login Request

# Login endpoint that can be used to authenticate.
# Tokens are returned according to configuration.

curl --location --request POST 'http://localhost:3000/authentication/local' \
--header 'Content-Type: application/json' \
--data-raw '{
"email": "",
"password": "pass"
} '

The response will contain the access and refresh tokens that can be used to make authenticated requests:

Login Response
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjYzODlmOGQ0NDVkMTY0YTAyMjg5Nzg0NSIsImF1dGhvcml6ZWQiOnRydWUsInN1ZG8iOnRydWUsImlhdCI6MTY2OTk4Njg0MiwiZXhwIjoxNjczNTg2ODQyfQ.VoSh7QXCFDoGBRYiv9qug3uWm7JX4jwb7-l05qWTVOs",
"refreshToken": "aDYLqHPw6yK+GTNsWApA9BYfpSkVIRvA+cVtPw2DPQ3CaRCfEPCHo4xCsENHqzdu7e8ZrARwc/P58UyY95yn4Q=="

We can now use the access token to make authenticated requests.

Let's make an example. We will use the access token to make a logout request.

Log out Request

curl --location --request POST 'http://localhost:3000/authentication/logout' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjYzNjNjZGNkMDhkNTU2MDk1NmM4MGQ4OSIsImlhdCI6MTY2OTk4MTIwOSwiZXhwIjoxNjcwMDUzMjA5fQ.sxIQDgJv5zzZo8PV6logbvyLO0WbXgES9EWEtUo_kEg' \

Congratulations! The user is now successfully logged out.

Using the Admin Panel

The Admin Panel can be used to manage users.
Through the Admin Panel, you can create, update, delete and block/unblock users.

The Users tab is where User manipulation takes place.

authentication overview


A basic operation you may want to perform is creating a user.

create user


By clicking the corresponding edit button, you'll see the edit pop-up window.

Edit user

You can either change your email or add you phone number.
In case that you want to enable 2FA, fill-in the phone field and tick the corresponding box.


In order to delete multiple users at once, select the users that you want to delete and click the corresponding button.

Block / Unblock

You can block or unblock a single or multiple users by clicking the corresponding button.