skip to main content
Browse documentation

Authentication & access

How people sign in to Syncanix — your team to the dashboard, your own users to the chat — plus the keys, identity providers, and safeguards that connect them.

Syncanix deals with two separate groups of people, and keeps them strictly apart. Your team signs in to the dashboard to configure the product. Your end users are authenticated by your own identity provider, so the assistant acts on their behalf — never with more access than they already have. This section is the hands-on guide to setting up both.

Two audiences, kept apart

Getting this distinction right is the most important thing on this page. The two logins use different systems and never overlap.

Your team → the dashboard
The people who buy and operate Syncanix sign in to app.syncanix.com with Syncanix’s own hosted login. They configure the catalog, the widget, billing, and team access.
Your end users → the chat
The people who use your app are authenticated by your identity provider — not by Syncanix. The chat and the MCP server then act as that signed-in person, bounded by exactly their permissions.

The principles behind it

Everything in this section follows three rules that never bend:

  • The assistant acts as the signed-in end user — every action runs with that person’s identity, not a shared service account.
  • The language model never holds long-lived credentials — tokens are short-lived, scoped, and bound to a single action.
  • Every workspace is isolated — one customer’s data, keys, and configuration can never reach another’s.

Explore this section

Signing in & workspacesHow your team signs in, and how workspaces keep each account separate.Authenticating your usersThe four ways the widget can authenticate your own end users.Connecting an identity providerWire up Auth0, Clerk, Amazon Cognito, or WorkOS in the dashboard.API keysCreate, reveal, and revoke the keys the CLI and widget use.Step-up & action safetyHow read, write, and destructive actions are confirmed and undone.Team & rolesThe five roles and what each one can see and change across the dashboard.