Quick Start
1
Set JWT Secret for Production
2
Start Platform Service
Configuration
Required Environment Variables
JWT Secret Security
How It Works
TheAuthService._issue_token method enforces JWT secret validation:
Token Issuance Flow
Production Deployment
Docker Configuration
Kubernetes Secret
Environment Variable Best Practices
Migration
Upgrading from Previous Versions
1
Generate Secret
2
Update Configuration
3
Restart Platform
Error Handling
Whenlogin() is called with misconfigured production deployment:
Development vs Production
Development Mode
Production Mode
Best Practices
Use Strong Secrets
Use Strong Secrets
Generate secrets with at least 256 bits of entropy using
secrets.token_urlsafe(64) or equivalent. Never use predictable values.Rotate Secrets Regularly
Rotate Secrets Regularly
Implement secret rotation every 90 days. When rotating, issue new tokens gradually to avoid service disruption.
Store Secrets Securely
Store Secrets Securely
Use dedicated secret management systems (AWS Secrets Manager, HashiCorp Vault, etc.) rather than plain environment variables.
Monitor Authentication Failures
Monitor Authentication Failures
Log and alert on RuntimeError exceptions during login to detect misconfigured deployments quickly.
Related
RBAC Enforcement
Workspace membership and role-based access control
Platform SDK
Python SDK for platform integration

