Home Glossary Zoho Catalyst Catalyst Authentication
Zoho Catalyst

Catalyst Authentication

Catalyst Authentication is a built-in user identity service in Zoho Catalyst that handles sign-up, sign-in, and session management for web and mobile applications without requiring a custom auth backend.

Feature

Catalyst Authentication is the identity and access management service built into Zoho Catalyst that provides ready-made sign-up, login, password reset, and token-based session management so developers do not need to build or maintain a separate authentication system.

How Catalyst Authentication Works in Zoho Catalyst

The Catalyst SDK includes authentication methods that create and verify user sessions using JSON Web Tokens. End users register with an email and password through your application’s frontend, and Catalyst handles credential storage, email verification, and password hashing. On login, Catalyst returns a JWT that the client sends with subsequent API requests. Catalyst Advanced I/O functions can validate this token using the SDK, ensuring only authenticated users can access protected data. Catalyst also supports Zoho login as a social sign-in option.

When to Use Catalyst Authentication

Use Catalyst Authentication whenever you build a multi-user application where different users should see only their own data, such as a customer portal, a field agent app, or an internal tool with role-based access. Indian SaaS startups building Zoho-integrated portals use it to avoid the cost and complexity of integrating a third-party identity provider like Auth0 or Firebase Auth.

Key Considerations

Catalyst Authentication manages email-password users within the Catalyst project scope. It does not replace Zoho’s OAuth mechanism for calling Zoho APIs on behalf of a user; you still need Zoho OAuth tokens for that purpose. Password policies and email templates for verification and reset are configurable in the Catalyst console. User data created via Catalyst Auth is separate from Zoho CRM contacts and does not sync automatically.

India Example

A Pune-based manufacturing company builds a Catalyst dealer portal where 150 dealers across Maharashtra log in to view their order status and download invoices. Catalyst Authentication handles the sign-up flow with email verification and the login session with JWTs. Each dealer’s Catalyst function calls are validated against their token, ensuring one dealer cannot see another’s orders. The company avoids building or paying for any separate identity service.

Can Catalyst Authentication work with Zoho login (SSO)?

Yes. Catalyst supports Zoho as a social login provider, so users with a Zoho account can sign in to your Catalyst application using their existing Zoho credentials. This is particularly useful for applications built for teams that already use Zoho tools, removing the need to create a separate password for the Catalyst app.

How do Catalyst functions verify that a request is from an authenticated user?

The frontend includes the user’s JWT in the Authorization header of every API request. The Catalyst Advanced I/O function calls the SDK’s authentication verification method, which decodes and validates the token. If valid, the SDK returns the user’s details, including their Catalyst user ID and email, which the function uses to fetch or filter user-specific data from the Datastore.

Need help implementing this in Zoho?

Aaxonix is a certified Zoho implementation partner based in Pune. Architecture-first, no surprises.