What does authentication in Gadget provide? 

Authentication is a crucial aspect of modern application development that involves the process of verifying and validating the identity of users or services accessing an application. It ensures that only authenticated users gain access to protected resources and features, safeguarding sensitive data and maintaining system security.

Traditionally implementing authentication can be a complex and time-consuming task. Developers often have to deal with several challenges, including integration with different Oauth providers, security concerns and more.

Gadget simplifies the whole authentication setup for developers by providing seamless out-of-the-box email/password and Google OAuth authentication methods, requiring no additional code to be written.



Gadget provides a built-in email/password authentication for new Gadget apps.

For more information on customizing your email/password authentication, see the building with email/password authentication.

Google OAuth 

Gadget provides OAuth integration directly with Google, allowing you to authenticate users using their Google accounts for your application. By default, new Gadget apps include Google OAuth that makes use of the gadgetManagedCredentials. In production, you have to get your own credentials from the Google Cloud Console and set them up in Gadget.

For more information, see the building with Google OAuth guide.


The process of building and managing authentication flows can be intricate and time-consuming, diverting developer's attention from core functionalities. To address this challenge, Gadget offers a comprehensive set of authentication helpers, including hooks, components, and custom actions, specifically designed to address any user scenarios and streamline the authentication process. These authentication helpers encapsulate complex authentication logic, simplify user authentication, and ensure a smooth and secure user experience.

For more information, see the authentication helpers guide.


Developers often need to build around the various pathways through which users are verified and granted access to your application, within Gadget this can be easily done by using authentication helpers like custom hooks and components.

For more information, see the auth workflows guide.

How authentication in Gadget works 

With Gadget's authentication built into any application created, developers save significant time that otherwise would be spent setting up large systems and processes. Instead we provide you with default settings inside the platform that allow you to configure your app's authentication behavior however you choose.

On the left side bar click on the Plugins page and navigate to Auth settings towards the right of the Authentication methods interface.

Within the Authentication settings, developers have the ability to configure their app with the following settings:

  • Redirect on sign in success - Input a frontend route to control where the user lands after they sign in successfully
  • Sign-in path - Input a frontend route to control where the user goes to sign in
  • Unauthorized route access - Define the behavior for unauthorized HTTP route access by choosing between users being directed to the Sign-in Path or a 403 status response
  • Default auth role - Choose between existing roles in access control which should be applied to signed in users by default
A screenshot of the default auth settings within Gadget