Skip to main content
TinyAuth protects StackKits service routes and normally lives at auth.<domain>.

Prerequisites

PocketID should be reachable before you rely on TinyAuth for daily sign-in.

Steps

1

Open TinyAuth

Open https://auth.<domain> from the Node Hub.
2

Sign in

Use the generated admin account or the PocketID-backed login path configured by StackKits.
3

Rotate the generated password

Replace any generated bootstrap password after the first successful login.

Verify

  • Protected service routes redirect to TinyAuth.
  • After login, the original service opens.
  • Identity headers are passed only through trusted routes.

Next steps

PocketID

Confirm the passkey identity provider.

Traefik

Review protected middleware routing.

Troubleshooting

Check that PocketID is reachable at id.<domain> and that the browser can keep cookies for the deployment domain.