Authentication mirrors the backend specification inDocumentation Index
Fetch the complete documentation index at: https://devkit4ai.com/docs/llms.txt
Use this file to discover all available pages before exploring further.
devkit4ai/backend-api/SPECS.md:
- Login returns an access token (30-minute expiry) and optional refresh token (7-day expiry).
- Tokens are stored in httpOnly cookies (
devkit4ai-token,devkit4ai-refresh-token) viastoreTokensInCookiesinside the shared server actions. - Automatic refresh is handled by the
/api/v1/auth/refreshendpoint and therefreshAccessTokenhelper invoked by the Cloud Admin and Starter Kit flows.