SurrealDB supports multiple authentication methods designed for different use cases, from server administration to end-user access in client-side applications.
System users — administrator-managed accounts with role-based access control at the root, namespace, or database level.
Record users — application users that sign up and sign in through custom logic, restricted by table and field permissions.
Sessions — persistent connections that carry authentication state, with configurable token and session expiration.
JSON Web Tokens — internal token management and third-party provider integration via JWKS.
For a condensed reference of all authentication-related features and links, see the Summary page.