Hire
Docs Navigation Open

Authentication

Choose authentication patterns that match the actual user journey instead of adding security features blindly.

Authentication in Evolution CMS has always had several layers: manager users, frontend users, protected documents, and package-specific login flows.

Manager Authentication

Manager users sign in to /manager/. Their capabilities depend on roles, permissions, and access groups.

Frontend Authentication

Frontend users are used for protected areas, customer accounts, member sections, and user-specific workflows.

Classic Options

  • WebLogin and WebSignup for classic frontend auth
  • WebloginPE on older member-area projects
  • FormLister for login, registration, password reset, and profile flows

Current Option

ePasskeys is the modern package-level option when the project benefits from passkey authentication.

Practical Rule

Keep manager auth and frontend auth conceptually separate. They solve different problems and should not share the same assumptions.

Previous

sApi

Use sApi for structured endpoints, versioned APIs, middleware, auth, and integration-facing routes.
Next

Email and Webhooks

Use mail, webhook, and notification flows to move Evolution events into CRM, ops, and business systems.