---
title: Auth app
description: Identity, sessions, and authorization boundaries used by Cuitty apps.
section: Apps
order: 1
updatedAt: 2026-05-10
slug: apps/auth
---
# Auth app

The auth app owns sign-in, session cookies, API-key issuance, and role checks used by the portal and admin surfaces. It is infrastructure for the rest of Cuitty rather than a standalone observability module.

## Responsibilities

- Bootstrap the first administrator for a new install
- Issue and revoke project API keys
- Maintain session state for browser users
- Expose authorization context to app and module routes

## Operational notes

Production installs should run the portal over HTTPS so browser cookies can be marked secure. API keys are shown once when created; store them in your secret manager and rotate them from the portal when needed.