Authentication Flows
Home · Generic Index · Chain Overlays
This document summarizes the high-level auth flows for the dApp UI and CLI in credible-layer-dapp and credible-sdk.
Web SIWE Flow
CLI Device Flow
Notes:
- Web auth uses SIWE signatures and short lived tokens.
- CLI auth uses a device code plus secret and stores refresh tokens in Supabase.
- Token refresh uses dedicated endpoints for web and CLI scopes.
Key code paths:
- Web auth contracts:
credible-layer-dapp/packages/dapp-api/src/v1/contracts/auth/web.ts - CLI auth contracts:
credible-layer-dapp/packages/dapp-api/src/v1/contracts/auth/cli.ts - Web auth router:
credible-layer-dapp/packages/dapp-api/src/v1/routers/auth/web.ts - CLI auth router:
credible-layer-dapp/packages/dapp-api/src/v1/routers/auth/cli.ts - Device UI:
credible-layer-dapp/apps/dapp/src/app/device/page.tsx - CLI auth client:
credible-sdk/crates/pcl/core/src/auth.rs