Authentication
Learn how authentication works in Forest Watch 3.0.
Forest Watch 3.0 uses Supabase to manage secure authentication for all users.
Available Authentication Methods
The platform supports the following built-in authentication methods:
- Email/Password - Traditional email and password sign-in
- Third Party Providers - Google OAuth authentication
- Email Links - Passwordless sign-in via email
- Phone Number - SMS-based authentication (optional)
Authentication Features
Secure Sign-In
- Industry-standard encryption
- Secure session management
- Automatic token refresh
- Cross-device compatibility
Email Verification
- Verification required for new accounts
- Secure email confirmation links
- Prevents unauthorized access
- Validates team invitations
Password Security
- Strong password requirements
- Secure password reset flow
- Password change capability
- Encrypted password storage
Session Management
- Persistent sessions across devices
- Automatic session refresh
- Secure logout functionality
- Session timeout controls
User Account Types
Personal Accounts
Created automatically when you sign up:
- Unique user profile
- Personal workspace
- Individual settings
- Activity tracking
Team Access
After authentication, you can:
- Accept team invitations
- Join multiple teams
- Switch between teams
- Manage team memberships
Security Features
Email Verification
All new accounts require email verification:
- Sign up with email and password
- Receive verification email
- Click verification link
- Account activated
Invitation Validation
When accepting team invitations:
- Email must match invitation
- Token validation required
- Expiration checking enforced
- Single-use token system
Session Security
- Encrypted session tokens
- Automatic expiration
- Secure cookie storage
- HTTPS-only transmission