Providers
Configure authentication providers for email, SMS, and third-party OAuth.
Overview
DYPAI supports multiple authentication methods:
- Email/Password with SMTP
- Magic Link (passwordless email)
- SMS/OTP with Twilio
- OAuth providers (Google, GitHub, etc.)
Email (SMTP) Configuration
Go to Auth Providers
Navigate to Auth β Providers β Email in your dashboard.
Enable Email Provider
Toggle "Email" to enabled.
Configure SMTP
Enter your SMTP server details.
Test Configuration
Send a test email to verify the setup.
SMTP Settings
| Setting | Description | Example |
|---|---|---|
| Host | SMTP server address | smtp.gmail.com |
| Port | Server port | 587 |
| Username | SMTP username | your-email@gmail.com |
| Password | SMTP password or app password | β’β’β’β’β’β’β’β’ |
| From Email | Sender email address | noreply@yourapp.com |
| From Name | Sender display name | Your Project |
For Gmail, use an Project Password instead of your regular password. Enable 2FA and generate one at myaccount.google.com.
Email Templates
Customize email templates for different scenarios:
| Template | Purpose |
|---|---|
| Confirmation | Email verification after signup |
| Magic Link | Passwordless login link |
| Recovery | Password reset link |
| Invite | User invitation to join |
| Change Email | Email address change verification |
Template Variables
<!-- Available template variables -->
{{ .SiteURL }} <!-- Your app URL -->
{{ .ConfirmationURL }} <!-- Confirmation/action link -->
{{ .Token }} <!-- Raw token (if needed) -->
{{ .Email }} <!-- User's email -->
{{ .Data }} <!-- Custom user metadata -->Example Template
<!DOCTYPE html>
<html>
<head>
<title>Confirm your email</title>
</head>
<body>
<h1>Welcome to {{ .SiteURL }}!</h1>
<p>Click the link below to confirm your email:</p>
<a href="{{ .ConfirmationURL }}">Confirm Email</a>
<p>This link expires in 24 hours.</p>
</body>
</html>SMS (Twilio) Configuration
Create Twilio Account
Sign up at twilio.com and get your Account SID, Auth Token, and a phone number.
Configure in DYPAI
Go to Auth β Providers β SMS and enter your Twilio credentials.
Enable Phone Auth
Toggle "Phone" authentication to enabled.
Twilio Settings
| Setting | Description |
|---|---|
| Account SID | Your Twilio Account SID |
| Auth Token | Your Twilio Auth Token |
| From Number | Twilio phone number |
| Message Template | SMS message with OTP code |
SMS Template
Your verification code is: {{ .Code }}
This code expires in 5 minutes.Phone Authentication
// Request OTP
const response = await fetch('https://your-project.dypai.io/auth/v1/otp', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'X-API-KEY': 'your-anon-key'
},
body: JSON.stringify({
phone: '+1234567890'
})
});
// Verify OTP
const verifyResponse = await fetch('https://your-project.dypai.io/auth/v1/verify', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'X-API-KEY': 'your-anon-key'
},
body: JSON.stringify({
phone: '+1234567890',
token: '123456',
type: 'sms'
})
});
const { access_token, user } = await verifyResponse.json();OAuth Providers
Configure third-party OAuth login:
| Provider | Required |
|---|---|
| Client ID, Client Secret | |
| GitHub | Client ID, Client Secret |
| Microsoft | Client ID, Client Secret, Tenant ID |
| Projectle | Client ID, Team ID, Key ID, Private Key |
OAuth Flow
// Initiate OAuth flow
const provider = 'google';
const redirectTo = 'https://yourapp.com/auth/callback';
const authUrl = 'https://your-project.dypai.io/auth/v1/authorize' +
'?provider=' + provider +
'&redirect_to=' + encodeURIComponent(redirectTo);
// Redirect user to authUrl
window.location.href = authUrl;
// In your callback page, extract the tokens from URL
const params = new URLSearchParams(window.location.hash.substring(1));
const accessToken = params.get('access_token');Add your callback URL to the OAuth provider's allowed redirect URIs.
Testing Providers
Test your configuration:
- Navigate to Auth β Providers
- Click "Test" next to the provider
- Complete the authentication flow
- Verify the test was successful
Test with real credentials before going to production.
Security Settings
| Setting | Recommended |
|---|---|
| Email confirmation required | Yes |
| Token expiry (access) | 1 hour |
| Token expiry (refresh) | 7 days |
| OTP expiry | 5 minutes |
| Password min length | 8 characters |