← All Agents IT02 IT Portal

User & Auth Agent

JWT auth, role-based access control, OTP verification and full session audit trail.

Deploy This Agent →
What This Agent Does

How it works.

This agent handles all authentication and authorisation for the IT Portal. It issues JWT tokens, enforces role-based permissions at the field level, validates OTPs via SMS, and logs every login event with IP address and device fingerprint for full audit compliance.

Inputs

Login credentials
Username / email + password — bcrypt hashed comparison
Role assignment
Admin / manager / staff / client — set at user creation
OTP request
Phone number for SMS OTP on sensitive operations
IP & device fingerprint
Logged for every session — DPDP Act compliance

Outputs

JWT access token
Short-lived (15 min) + refresh token (7 days)
Permission map
Role-specific feature flags and field-level access rules
OTP delivered
6-digit code via SMS — expires in 10 minutes
Session log entry
IP, device, login time, role — stored in audit table
Suspicious login alert
New IP or device triggers WhatsApp alert to admin

Automation Flow

Login request
Credentials submitted — password hash compared
Role loaded
User role fetched — permission map assembled
JWT issued
Access token (15 min) + refresh token (7 days) returned
Session logged
IP, device, timestamp stored in audit table
New device check
If new IP/device — WhatsApp alert sent to admin
OTP (if needed)
Sensitive operations require SMS OTP re-verification
Token refresh
Silent refresh before expiry — no re-login required
Tech Stack
JWTbcryptRBAC middlewareTwilio OTPRedis SessionsMySQL
Deploy This Agent

Ready to run User & Auth Agent?

We configure, test and hand it over running in your environment. Fixed price, no recurring fee.

Deploy This Agent → Browse All 149 Agents