The Catalyst SDK includes authentication methods that create and verify user sessions using JSON Web Tokens. End users register with an email and password through your application’s frontend, and Catalyst handles credential storage, email verification, and password hashing. On login, Catalyst returns a JWT that the client sends with subsequent API requests. Catalyst Advanced I/O functions can validate this token using the SDK, ensuring only authenticated users can access protected data. Catalyst also supports Zoho login as a social sign-in option.
Use Catalyst Authentication whenever you build a multi-user application where different users should see only their own data, such as a customer portal, a field agent app, or an internal tool with role-based access. Indian SaaS startups building Zoho-integrated portals use it to avoid the cost and complexity of integrating a third-party identity provider like Auth0 or Firebase Auth.
Catalyst Authentication manages email-password users within the Catalyst project scope. It does not replace Zoho’s OAuth mechanism for calling Zoho APIs on behalf of a user; you still need Zoho OAuth tokens for that purpose. Password policies and email templates for verification and reset are configurable in the Catalyst console. User data created via Catalyst Auth is separate from Zoho CRM contacts and does not sync automatically.
A Pune-based manufacturing company builds a Catalyst dealer portal where 150 dealers across Maharashtra log in to view their order status and download invoices. Catalyst Authentication handles the sign-up flow with email verification and the login session with JWTs. Each dealer’s Catalyst function calls are validated against their token, ensuring one dealer cannot see another’s orders. The company avoids building or paying for any separate identity service.
Yes. Catalyst supports Zoho as a social login provider, so users with a Zoho account can sign in to your Catalyst application using their existing Zoho credentials. This is particularly useful for applications built for teams that already use Zoho tools, removing the need to create a separate password for the Catalyst app.
The frontend includes the user’s JWT in the Authorization header of every API request. The Catalyst Advanced I/O function calls the SDK’s authentication verification method, which decodes and validates the token. If valid, the SDK returns the user’s details, including their Catalyst user ID and email, which the function uses to fetch or filter user-specific data from the Datastore.
Aaxonix is a certified Zoho implementation partner based in Pune. Architecture-first, no surprises.