Authentication and Access
How sign‑in and authorization work.
OAuth2 Google sign‑in via backend
Authentication happens through a secure Google OAuth2 flow. On success, the backend issues a JWT to the extension; the token is validated on each request.
Authorized users and clinic‑scoped access
Only pre‑authorized accounts can use the assistant. Access can be scoped to your clinic; admins can request that users be added or removed through the built‑in request flow.
Tokens, session validity, and logout behavior
Tokens expire automatically. If your session expires, the assistant clears sensitive stored data and prompts you to re‑authenticate.
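The per-request checks described in the three sections above (token validation, pre-authorization, clinic scope, expiry), sketched as an added example that is not the product's own backend code. The HS256 algorithm, the claim names `sub`, `clinic` and `exp`, the allowlist structure, the key and the function names are all assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

# Constructed sample values; the real key, claim names and allowlist are not on this page.
SECRET = b"constructed-demo-key"
AUTHORIZED = {"vet@example.org": "clinic-a"}  # pre-authorized account -> clinic

def b64d(seg):
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))

def b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def issue(email, clinic, ttl, now=None):
    """Mint an HS256 token as a backend might after Google sign-in succeeds."""
    now = int(time.time()) if now is None else now
    head = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64e(json.dumps({"sub": email, "clinic": clinic, "exp": now + ttl}).encode())
    sig = hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64e(sig)}"

def authorize(token, requested_clinic, now=None):
    """Per-request check. Returns (allowed, reason)."""
    now = int(time.time()) if now is None else now
    try:
        head, body, sig = token.split(".")
        header = json.loads(b64d(head))
        given = b64d(sig)
    except (ValueError, TypeError):
        return False, "malformed"
    # Pin the algorithm: the token must not choose how it is verified.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        return False, "bad-alg"
    expected = hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, given):
        return False, "bad-signature"
    claims = json.loads(b64d(body))  # parsed only after the signature checks out
    if not isinstance(claims.get("exp"), int) or claims["exp"] <= now:
        return False, "expired"  # client clears stored data and re-authenticates
    # Re-check the allowlist on every request so a removed user loses access at once.
    sub = claims.get("sub")
    if sub not in AUTHORIZED or AUTHORIZED[sub] != claims.get("clinic"):
        return False, "not-authorized"
    if claims["clinic"] != requested_clinic:
        return False, "wrong-clinic"
    return True, "ok"
```

Checking the allowlist on each request, rather than only at sign-in, means a user removed through the request flow is rejected even while their token is still unexpired.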