# Authentication

Novel uses industry best-practices for authenticating users. This is made possible by the `grant`library and it's support with Fastify.

We don't use an external library like OpenAuth, Auth.js, or Better Auth, as it does not fit the need of the Novel framework.

{% hint style="info" %}
This article discusses authentication coming from the server.
{% endhint %}

Novel supports the following authentication modes:

1. Email / Password
2. Magic Links
3. OAuth2

Forget Password, Email Verification, and MFA is also supported.

## Signups

You can modify how signups are handled by modifying the built in sign up endpoints and the onboarding lifecycle features in the features directory.

By default these are stored in 

<https://github.com/madewithnovel/novel/blob/main/app/api/internal/v1/auth-signup/index.ts>

and the flow goes into

<https://github.com/madewithnovel/novel/blob/main/app/features/lifecycle/signup.ts>

Learn more about it below

{% embed url="<https://docs.novel.dev/guides/knowledge-base/novel-server/setting-up-signups>" %}

## User Sessions

User sessions are the sessions usually used by your user when they interact with the frontend. These are cookie sessions.

You can have a look at what sessions are below

{% embed url="<https://docs.novel.dev/novel-server/sessions>" %}

## API Keys

API Keys are also supported when developing your endpoints. These are protected by the API Keys feature.

You can have a look at the feature below

{% embed url="<https://docs.novel.dev/novel-server/api-keys>" %}

## Single-Sign On (SSO)

{% hint style="warning" %}
SSO is not yet available as of 2025.1.0.
{% endhint %}

## Changelog

* 2024-12-20 - Initial Documentation


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.novel.dev/novel-server/authentication.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.