Authentication Methods

Configure email/password, magic link, and future OAuth authentication methods.

The SaaS Kit currently supports:

✅ Email/Password - Traditional credentials
✅ Magic Link - Passwordless email links
✅ OAuth - Social providers (by default, Google is enabled)

By default, we enable the email/password and Google OAuth sign-in. You can customize these as you see fit.

Email and Password Authentication

To enable or disable the email/password authentication method, you can set the following environment variable:

apps/web/.env.local

NEXT_PUBLIC_AUTH_PASSWORD=true

Password Requirements

To customize the password requirements, you can set the following environment variable:

apps/web/.env.local

NEXT_PUBLIC_PASSWORD_MIN_LENGTH=8
NEXT_PUBLIC_PASSWORD_MAX_LENGTH=99
NEXT_PUBLIC_PASSWORD_REQUIRE_SPECIAL_CHARS=true
NEXT_PUBLIC_PASSWORD_REQUIRE_NUMBERS=true
NEXT_PUBLIC_PASSWORD_REQUIRE_UPPERCASE=true

Email Verification

By default, we require users to verify their email before accessing the app.

Magic Link Authentication

To enable or disable the magic link authentication method, you can set the following environment variable:

apps/web/.env.local

NEXT_PUBLIC_AUTH_MAGIC_LINK=true

Note: by default, this is disabled.

Next: Social Providers →