Overview

Blueprint utilizes three primary methods of authentication:

  1. Email & Password: Uses access and refresh tokens for session management.
  2. Masquerade: Simulates a user's session using their User ID and a masquerade token.
  3. Expiring URL: Grants limited access for specific actions.

How is authentication handled in Blueprint?

Authentication in Blueprint is managed using:

  • Middleware
  • API routes
  • react-query
  • Custom GraphQL handler
  • Browser cookies

This combination ensures a robust, scalable, and secure authentication solution.

This section explains how Blueprint implements each authentication method. These methods are crucial for a secure authentication solution.

Which API routes are used for authentication?

There are 3 API routes used for authentication purposes:

  • /api/auth/login
  • /api/auth/logout
  • /api/auth/session

Each of these routes will be explained in detail in their respective documentation sections.

How does Blueprint use Kraken for authentication?

Blueprint uses the obtainKrakenToken mutation to request authorisation tokens from Kraken. The API documentation details the different errors this can raise. We handle these errors in our custom GraphQL handler.