Skip to content

Authentication workflow

Jump to bottom
Vivek Raman edited this page Mar 5, 2026 · 1 revision

Passwordless sign in using WorkOS.

sequenceDiagram
    participant U as User
    participant R as React (Tauri)
    participant S as Sidecar (Local FastAPI)
    participant C as Cloud Server (FastAPI)
    participant W as WorkOS

    U->>R: Enter email (e.g., @sjsu.edu)
    R->>C: POST /auth/start (email)
    C->>C: Validate Domain (is @sjsu.edu?)
    C->>W: Create Passwordless Session
    W-->>U: Send Magic Link Email
    U->>W: Click Magic Link
    W->>C: Redirect with Code
    C->>W: Exchange Code for Profile
    C->>C: Generate Internal JWT
    
    Note over C,R: Cloud triggers Deep Link redirect
    C-->>R: Redirect to my-app://auth?token=JWT_VALUE
    
    R->>R: Capture token via Deep Link Listener
    R->>S: POST /store-token (token)
    S->>S: Encrypt & Save to Local Keyring/DB
    S-->>R: 200 OK (Auth Complete)
Loading

Home

Documentation

Flows

Clone this wiki locally