SurrealDB provides a layered security model that covers how users and systems prove their identity, what they are allowed to do once authenticated, and the operational practices that keep a deployment safe.
This section is organised into three areas:
Authentication — signing in with credentials, record-based access, and third-party identity providers.
Authorization — controlling access at the table, field, and row level with the PERMISSIONS clause and JWTs.
Best practices — guidance on secure configuration, token handling, network exposure, and common pitfalls.