You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Restrict access to your documentation with a password or with a third-party authentication provider.
13
+
Choose how users authenticate to access your documentation.
14
14
15
15
You can make all of your content private or control access on a page-by-page basis.
16
16
17
-
## Handshake methods
17
+
## Authentication methods
18
18
19
-
**JSON Web Token (JWT)**: Custom system where you manage user tokens with full control over the login flow.
19
+
Choose between simple shared password access or individual user authentication based on your security needs.
20
+
21
+
### Password protection
22
+
23
+
Shared access with a single global password.
24
+
25
+
- Pros of password protection:
26
+
- Simple setup with no configuration required to add new users. Just share the password.
27
+
- Cons of password protection:
28
+
- Cannot differentiate between users with the same password.
29
+
- Must change the password to revoke access.
30
+
31
+
### Identity provider authentication
20
32
33
+
Authenticate individual users with one of the following methods.
34
+
35
+
**JSON Web Token (JWT)**: Custom system where you manage user tokens with full control over the login flow.
21
36
- Pros of JWT:
22
37
- Reduced risk of API endpoint abuse.
23
38
- No CORS configuration.
24
39
- No restrictions on API URLs.
25
40
- Cons of JWT:
26
41
- Must be compatible with your existing login flow.
27
-
- Dashboard sessions and docs authentication are decoupled, so your team will log into your dashboard and your docs separately.
28
-
- When you refresh user data, users must log into your docs again. If your users' data changes frequently, they must log in frequently or risk having stale data in your docs.
42
+
- Users log into your dashboard and docs separately.
29
43
30
44
**OAuth 2.0**: Third-party login integration like Google, GitHub, or other OAuth providers.
31
45
@@ -34,7 +48,7 @@ You can make all of your content private or control access on a page-by-page bas
34
48
- No restrictions on API URLs.
35
49
- Cons of OAuth 2.0:
36
50
- Requires significant work if setting up an OAuth server for the first time.
37
-
-Dashboard sessions and docs authentication are decoupled, so your team will log into your dashboard and your docs separately.
51
+
-Users log into your dashboard and docs separately.
38
52
39
53
**Mintlify dashboard**: Allow all of your dashboard users to access your docs.
40
54
@@ -44,10 +58,15 @@ You can make all of your content private or control access on a page-by-page bas
44
58
- Cons of Mintlify dashboard:
45
59
- Requires all users of your docs to have an account in your Mintlify dashboard.
46
60
47
-
**Password**: Shared access with a single global password. Used for access control only. Does not allow for personalization.
61
+
## Choose your method
48
62
49
-
- Pros of password:
50
-
- Simple setup with no configuration required to add new users, just share the password.
51
-
- Cons of password:
52
-
- Lose personalization features since there is no way to differentiate users with the same password.
53
-
- Must change the password to revoke access.
63
+
**Use password protection if**:
64
+
65
+
- You want a simple, quick setup.
66
+
- All authorized users can share the same password.
67
+
- You don't need to track individual users.
68
+
69
+
**Use identity provider authentication if**:
70
+
71
+
- You need to identify individual users.
72
+
- You want to integrate with existing login flows.
0 commit comments