Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/egeuysall/ryva-archive/llms.txt

Use this file to discover all available pages before exploring further.

Ryva provides secure, flexible authentication powered by Supabase. Users can sign up and log in using email/password credentials or OAuth providers like Google and GitHub.

Authentication Methods

Ryva supports multiple authentication methods to provide flexibility for your users:

Email and Password

The traditional authentication flow where users create an account with their email address and password.
1

Sign Up

Users create a new account by providing:
  • Email address
  • Password (minimum 6 characters)
  • Full name (optional)
  • CAPTCHA verification (hCaptcha)
After signing up, users receive a confirmation email to verify their account.
2

Email Verification

Users click the confirmation link in their email to verify their account. This step is required before they can access the platform.
3

Login

Verified users can log in with their email and password. CAPTCHA verification is required for security.
Email verification is mandatory for all email/password signups. Users cannot access their account until they verify their email address.

OAuth Providers

Users can authenticate using their existing accounts from supported OAuth providers:
  • Google - Sign in with Google account
  • GitHub - Sign in with GitHub account
OAuth authentication provides a faster signup experience and eliminates the need for email verification.
OAuth authentication is recommended for the best user experience. Users are instantly authenticated without needing to verify their email.

User Workflow

First-Time Signup

1

Choose Authentication Method

Users can select either:
  • Email/password signup
  • Google OAuth
  • GitHub OAuth
2

Account Creation

For email/password:
  • Enter email, password, and optional full name
  • Complete CAPTCHA challenge
  • Check email for verification link
For OAuth:
  • Authorize the OAuth provider
  • Automatically redirected back to Ryva
3

Onboarding Flow

After successful authentication, new users are guided through an interactive onboarding flow to:
  • Set up their profile
  • Create their first workspace
  • Invite team members (optional)

Returning Users

1

Login

Users visit the login page and authenticate using their preferred method.
2

Access Dashboard

After successful authentication, users are redirected to their dashboard at /app.

Security Features

CAPTCHA Protection

All email/password authentication flows include hCaptcha verification to prevent automated abuse and bot attacks.
Users must complete the CAPTCHA challenge before they can sign up or log in. The CAPTCHA token expires and must be refreshed if the form is resubmitted.

Password Requirements

  • Minimum length: 6 characters
  • Passwords are securely hashed and never stored in plain text
  • Password confirmation required during signup

Session Management

Supabase handles secure session management with:
  • HTTP-only cookies for session tokens
  • Automatic session refresh
  • Secure logout functionality

Profile Management

Once authenticated, users can manage their profile information:

Update Profile

Users can update:
  • Full name - Display name (3-255 characters)
  • Avatar URL - Profile picture (must be valid HTTP/HTTPS URL)
Email addresses cannot be changed after account creation for security reasons.

User Preferences

Users can customize their experience with preferences:
  • Theme (light/dark mode)
  • Language
  • Timezone
  • Notification settings (email, push)
Preferences are stored as a flexible JSON object, allowing for extensibility.

API Endpoints

The authentication system exposes these key endpoints:
EndpointMethodDescription
/api/v1/auth/meGETGet current user profile with organizations
/api/v1/auth/profilePATCHUpdate user profile
/api/v1/auth/preferencesGETGet user preferences
/api/v1/auth/preferencesPUTUpdate user preferences
/api/v1/auth/onboarding/completePOSTMark onboarding as complete

Password Recovery

Users who forget their password can reset it:
1

Request Reset

Users click “Forgot your password?” on the login page and enter their email address.
2

Check Email

Supabase sends a password reset link to the user’s email.
3

Create New Password

Users click the link and create a new password.

Onboarding Experience

New users are guided through a 3-step onboarding flow:
  1. Profile Setup - Set or update full name
  2. Workspace Creation - Create first organization/workspace
  3. Team Invitations - Optionally invite team members
All onboarding steps can be skipped. Users can complete these actions later from their dashboard settings.
The onboarding flow ensures users have a complete setup and understand key features of the platform.

Best Practices

OAuth authentication provides the smoothest user experience. Users are authenticated instantly without email verification, reducing friction in the signup process.
Adding a full name and avatar helps team members identify you in collaborative workspaces.
  • Use a strong, unique password
  • Don’t share your credentials
  • Log out when using shared devices
For email/password signups, verify your email as soon as possible to gain full access to the platform.

Troubleshooting

Didn’t receive verification email?

  • Check your spam/junk folder
  • Ensure you entered the correct email address
  • Try signing up again with the same credentials

CAPTCHA not loading?

  • Check your ad blocker settings
  • Ensure JavaScript is enabled
  • Try a different browser

OAuth authentication fails?

  • Ensure pop-ups are allowed for the site
  • Check if you’re already signed in to the OAuth provider
  • Clear browser cookies and try again