Authentication
PLai Framework uses multiple authentication methods depending on the context. This guide covers all authentication scenarios youβll encounter.Dashboard Authentication
User Registration & Login
Create Account
Visit the PLai Framework dashboard and click βRegisterβ
Session Management
PLai Framework uses secure session cookies for dashboard authentication:- Session Duration: Sessions last 30 days by default
- Auto-Renewal: Sessions renew automatically with activity
- Secure Cookies: All cookies are httpOnly and secure
API Authentication
JWT Tokens
API access uses JWT (JSON Web Tokens) for authentication:Token Types
User JWT
Authenticates user actions and personal resources
Project JWT
Provides access to project-specific resources
Obtaining Tokens
Dashboard Method:Organization & Project Access
Role-Based Access Control (RBAC)
PLai Framework implements fine-grained RBAC:Organization Roles
Organization Roles
- Owner: Full organization control
- Admin: Manage users and projects
- Member: Access assigned projects
- Viewer: No access
Project Roles
Project Roles
- Owner: Full project control
- Admin: Manage project resources
- Member: Use agents, datasources and tools as project member
- Viewer: Read-only access
Permission Matrix
| Action | Viewer | Member | Admin | Owner |
|---|---|---|---|---|
| View Agents | β | β | β | β |
| Chat with Agents | β | β | β | β |
| Create Agents | β | β | β | β |
| Manage Tools & Datasources | β | β | β | β |
| View Analytics | β | β | β | β |
| Manage Batches | β | β | β | β |
| Billing Access | β | β | β | β |
API Security
Rate Limiting
Weβre working on it.Request Headers
Always include these headers in API requests:Environment-Specific Configuration
Development Environment
Production Environment
Error Handling
Common Authentication Errors
Error Response Handling
Security Best Practices
Token Storage
- Web Applications
- Mobile Applications
- Server Applications
- Use httpOnly cookies for automatic inclusion
- Store in secure sessionStorage for manual handling
- Never use localStorage for sensitive tokens
Next Steps
Quick Start
Set up your first authenticated project
API Reference
Explore API endpoints and examples