Skip to main content
Incoming variant for manual merge.

title: ‘Authentication’ description: ‘Understanding authentication and access control in Better Data SCM’ audience: ‘user,tenant-admin,developer’ scope: ‘Tenant platform only; excludes SuperAdmin’

Authentication

Better Data SCM supports multiple authentication methods for different use cases.

Authentication Methods

NextAuth (Session-Based)

The primary authentication method for web applications uses NextAuth.js. Features:
  • Session-based authentication
  • Organization context included in session
  • Automatic token refresh

Clerk

For organizations using Clerk for identity management. Features:
  • SSO integration
  • Multi-factor authentication
  • User management

Dub Auth

For API access and integrations. Features:
  • API key authentication
  • Bearer token support
  • Scoped access tokens

Organization Context

All authenticated requests include organization context: 
// Example: Organization ID in session
{
  user: {
    id: "user_123",
    organizationId: "org_456"
  }
}

API Authentication

API requests require authentication via:
  1. Bearer Token: Include in Authorization header
  2. API Key: Include in X-API-Key header
  3. Session Cookie: For browser-based requests

Example API Request

curl -X GET https://api.betterdata.co/api/products \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "X-Organization-Id: org_456"

Scopes and Permissions

All operations are tenant-scoped:
  • Tenant-scoped: Operations are limited to your organization
  • Requires authenticated org context: All API calls must include organization ID
  • Not available in SuperAdmin: These endpoints are not accessible via SuperAdmin interface

Permissions & Roles

Authentication is required for all operations. Contact your organization administrator to obtain access credentials.