# App Builder: Authentication for apps

## Why App Builder authentication matters

Authentication is a crucial aspect of securing your app and ensuring that only authorized users can access its content. When users attempt to view live pages within your app, authentication is required. We've extended our existing authentication system to App Builder, leveraging Entra ID and Google authentication, just like the rest of Rewst. This ensures a consistent and secure user experience across the platform.

{% hint style="info" %}
Ensure that your app's authentication system aligns with your users' expectations and complies with any relevant privacy and security standards. Regularly update and review your authentication processes to stay ahead of potential security challenges.
{% endhint %}

## How authentication works

1. When a user tries to access live pages within your app, they will be redirected to the login page.
2. Users have the option to authenticate using Entra ID or Google credentials. This provides a seamless and familiar login experience.
3. Once authenticated, the system performs an authorization check to ensure the user has the necessary permissions to view the requested content.
4. If the authentication and authorization checks pass, the user is granted access to the live pages.

## Default login page

Upon creating your app, you'll notice that a login page is automatically included as one of the default pages. This login page is a fundamental part of ensuring that users authenticate themselves before accessing any live content within your app.

<figure><img src="/files/ljdPMkHtQ6rCx6Tezs3G" alt=""><figcaption></figcaption></figure>

You have the flexibility to customize the login page according to your app's branding and design, creating a cohesive and personalized experience for the users who log into your app. For more on editing pages, see our pages documentation [here](/documentation/app-builder/app-builder-pages.md).

## Configure a webhook trigger for CORS requests

When referencing a Rewst web hook in JavaScript in an app builder page(or outside of Rewst), you may see the error `TypeError: Failed to fetch`. This is due to blocking by your browser. See our documentation for how to set up this particular type of trigger [here](/documentation/automations/intro-to-triggers/use-cases-and-examples/configure-a-webhook-trigger-for-cors-requests.md).

{% hint style="info" %}
If you have suggestions for new App Builder features, or general feedback about your experience using this part of Rewst, submit your thoughts to our [Canny](https://rewst.canny.io/app-builder).
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.rewst.help/documentation/app-builder/authentication.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.