Skip to content

Authentication

Status: Current

Last reviewed: 2026-05-13

Use the login page to start a console session.

Sign In

Route: /login

  1. Enter a username.
  2. Enter the password.
  3. Click Sign In.

On success, the frontend stores:

  • nexus_token: JWT used as the Authorization: Bearer token.
  • nexus_user: current user id, username, and role.

The console redirects to /dashboard.

Session Expiration

If an API call returns 401, the frontend removes nexus_token and redirects to /login.

Account Changes

The current user can update username and password from Settings. Changing username returns a new JWT and refreshes the stored user session.

Role Effects

The login response includes the account role. The backend enforces protected operations by role:

  • admin: all protected operations.
  • operator: operational changes such as nodes, L3 tunnels, L4 chains, upstreams, and deployment.
  • viewer: read-only access.

NexusNet documentation