Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.base44.com/llms.txt

Use this file to discover all available pages before exploring further.

Some apps need a login. Think of an online store where anyone can browse, but customers sign in to see their order history. Or a to-do list app where every person must log in to see their own tasks. If your app works like this, Base44 gives you 2 ways to set up sign-in and registration:
  • Base44’s built-in login shows a login screen for your app automatically. You do not have to build anything. Base44 handles sign-in, registration, and password resets for you. The design is managed by Base44 and cannot be changed.
    Base44 Login
  • Custom login pages are pages you build inside your app for sign-in, registration, and password resets. The design is yours to control. Base44 still handles authentication securely behind the scenes.
    Custom Login

Base44’s built-in login

When you use Base44’s built-in login, the login screen appears automatically. You choose which sign-in methods to offer and Base44 handles the rest.

Choosing your sign-in methods

You can offer multiple ways for people to sign up, such as email, Google, or other providers, so that login stays simple, secure, and familiar. You can enable more than one option.
Social logins on your login page
To choose your sign-in methods:
  1. Click Dashboard in your app editor.
  2. Click Settings.
  3. Click Authentication.
  4. Enable the toggle next to the relevant authentication options:
    • Email and password: Allow people to create an account with their email address and a secure password.
    • Google: Allow people to log in using their Google account credentials.
    • Microsoft: Allow people to log in using their Microsoft credentials.
    • Facebook: Allow people to log in using their Facebook credentials.
    • Apple: Allow people to log in using their Apple account.
    • Single sign-on (SSO): Connect an external identity provider that supports OIDC, such as Okta or your company’s identity provider, so people can log in using credentials from that provider.
Adding authentication methods to your app in Base44
SSO is only available for the Elite plan. Learn more about setting up SSO.
For Facebook login to work, the person logging in needs a verified Facebook account. If their Facebook email or identity is not verified, Facebook can block the login and show an error message. They must complete Facebook’s identity confirmation process in their Meta account before they can sign in to your app with Facebook.

Custom login pages

If you want people to log in to your app, you can build your own login and registration pages instead of using the default Base44 login screen. This lets you match the design to your app, translate it into any language, and add your own branding. Base44 still handles authentication behind the scenes, including sending password reset emails when needed.
Custom login pages are rolling out gradually and are not yet available to all accounts.
If your app requires login, you get the following pages ready to customize:
  • Login page: Where your app’s visitors sign in.
  • Register page: Where new visitors create an account.
  • Forgot password page: Where visitors can request a password reset email.
  • Reset password page: Where visitors set a new password after requesting a reset.
Custom Login Menu

Editing your login pages

You can change the design, colors, and content of any of these pages directly from the editor. To edit a login page:
  1. Open your app editor.
  2. (Optional) Click the page drop-down at the top of the editor and select the page you want to edit (for example, Login).
  3. Type your request in the chat. For example:
Add my logo to the login page and change the background color to dark blue.
Customizing Login Pages

Adding sign-in methods

Ad with the Base44 default login pages, you can offer multiple ways for people to sign up, such as email, Google, or other providers, so that login stays simple, secure, and familiar. You can enable more than one option.
After you enable a provider, you need to add a button for that provider to your pages. Follow the steps below to learn how.
To add a social login provider to your custom login pages:
  1. Click Dashboard in your app editor.
  2. Click Settings.
  3. Click Authentication.
  4. Enable the toggle for the provider you want to add.
  5. Click Add to pages below the provider.
  6. The AI adds the provider’s sign-in button to your login and register pages.
Custom Sign In Methods

About the reset password page

The forgot password and reset password pages work as a pair. When someone requests a password reset, Base44 sends them an email with a link to /reset-password on your app’s domain. That path is hardcoded and cannot be changed. The AI builds both /forgot-password and /reset-password automatically when your custom login pages are created. Do not rename or move either page. If either page is missing, the password reset flow will break. Reset links are single-use. Once someone resets their password, the link in the email stops working. If they try to use it again, they will see an invalid or expired error. They need to request a new reset email from your /forgot-password page.
If your app has a custom domain, the reset email automatically uses that domain in the link. No extra setup is needed.

Customizing the Google login

Base44 gives you 2 ways to set up Google login, so you can manage how people experience sign-in and how your brand is displayed:
  • Default Google login: Fast setup using Base44’s credentials. The login window shows “Sign in with Google” and is branded with base44.com. To use this method, enable the Google authentication toggle and select Use the default Base44 OAuth.
Default Google login screen
  • Custom Google OAuth: Connect your own Google Cloud client ID and secret in the Authentication panel. People will see your app’s domain, not “base44.com” when they sign in with Google. This is ideal for businesses that require a fully branded experience or need to meet enterprise requirements.
Custom Google OAuth login screen
You must be on a Builder plan or higher to use custom Google OAuth. You must also have a payment method connected to your project in your Google Cloud Console.
To set up custom Google OAuth:
  1. Connect a custom domain to your app.
  2. Go to Google Cloud Console and create a new project for your app.
  3. Verify your domain here.
  4. Set up your OAuth app by completing the following information:
    1. Overview: Enter your app information.
    2. Branding: Set up your app’s branding (learn more about branding):
      1. Add your logo. This must be similar to your app’s logo.
      2. Create a home page in your app following these guidelines.
      3. Create a privacy policy linked from your home page following these guidelines.
      4. Add a support page to your app.
      5. Add your domain as an authorized domain.
      Setting up your OAuth app
    3. Audience: Choose if your app is for internal or external use.
    4. Clients: Get your Client ID and Secret:
      1. Click Create client.
      2. Enter the following details:
        • Authorized JavaScript origins: Enter your app domain.
        • Authorized redirect URIs: Enter https://app.base44.com/api/apps/auth/callback
      3. Click Create.
      Client ID and redirect URI fields in Google Console
    5. Data Access: Select the following scopes:
      • openid
      • https://www.googleapis.com/auth/userinfo.email
You must add a landing page to your app that includes your privacy policy and terms of service. These pages must be public and not behind a login. This is required for Google OAuth approval.
  1. Go back to Base44 and finish setting up your custom login:
    1. Click Dashboard in your app editor.
    2. Click Settings.
    3. Click Authentication.
    4. Enable the Google authentication toggle.
    5. Select Use a custom OAuth from Google Console.
    6. Enter the relevant information from your Google OAuth app and click Update.
Setting up custom Google OAuth in Base44
Once you have completed the steps above, you need to wait for Google to verify and approve your app, which can take up to 5 days.

Sign-up data collection

Personalize your app experience by collecting key details from people when they sign up. You can prompt the chat to generate a custom sign-up form that gathers information beyond just an email and password (e.g. full name, company, or role) so you can onboard people smoothly and tailor their app experience from the start. Choose where to store the data:
  • Users dataset: Store data securely, viewable only by app admins. This is ideal for sensitive or admin-only details.
  • Connected dataset: Store user responses in a separate public-facing dataset. This is recommended for data displayed or shared in-app (like company names).
If you collect personal data at sign-up, such as names or company details, make sure your app has a privacy policy that explains what you collect and how you use it. This is a legal requirement in many regions and is also required if you use Google OAuth.

FAQs

Click a question below to learn more about authentication.
If people do not receive verification or password reset emails, start with these checks:
  • Ask them to check their spam or junk folders in case the email was filtered.
  • Let them know it can take a few minutes for some email providers to deliver the message.
  • Ask them to add app@base44.com to their safe senders or allowlist so future emails are not blocked.
  • During sign up, encourage them to enter their email address in lowercase and to check for typos.
If they still do not receive the email, ask them to click the resend link from your app.If that does not work, remove their record from the Users list in your dashboard and ask them to sign up again with the same email address.If several people report the same issue at the same time, or if resend and re-signup do not solve it, contact Base44 support with your app URL and the affected email addresses so we can check for any deliverability or platform issues.If your app has custom login pages and the password reset link leads to a blank page or an error, check that your reset password page is at exactly the path /reset-password. The link in the email is hardcoded to that path.
This usually happens when the person’s Facebook account is not fully verified. Facebook can block the login until they confirm their identity and verify the email on their account.Ask them to:
  1. Open Facebook and go to Settings and privacy.
  2. Go to Accounts Center.
  3. Go to Verification and then Identity confirmation.
  4. Complete the identity confirmation steps.
After they finish Facebook’s verification flow, they can try logging in to your app again with Facebook. Facebook controls this requirement, not Base44, so you cannot bypass it from your app settings.
You can do this with custom login pages. When your app has custom login pages, you have a public landing page and your other pages check whether the visitor is logged in. Ask the AI to protect specific pages so visitors who are not logged in get redirected to your login page.For example:
Make all pages except the landing page require login. Redirect visitors who are not logged in to the Login page.
If custom login pages are not available in your account yet, you can use this workaround:
  1. Set your app to Public (no login required): In your Dashboard, go to Settings and then App Settings. Set App Visibility to Public (no login required).
  2. Create your landing page with login and sign-up buttons: Prompt the AI to “create a landing page with login and sign-up buttons.” Make sure this is your app’s main page by selecting it under Main Page in your settings.
  3. Require login for other pages: Ask the AI to require login on all other pages and redirect visitors who are not logged in back to your landing page.
Base44 automatically handles all passwords securely behind the scenes. If someone forgets their password, they can reset it directly from the login screen by clicking Forgot password?.If your app has custom login pages, the forgot password page is built into your app at /forgot-password. The password reset email links to your app’s /reset-password page.Use login screen with Forgot password option to reset it.
Yes. Adding a logout option keeps things secure and gives people peace of mind. You can prompt the chat to include a Logout button and place it in the sidebar or app header, wherever it best fits your design.Prompting the chat for a logout button.
Yes. Base44 supports external authentication providers that use OpenID Connect (OIDC), including providers such as Kakao.If you are on the Elite plan, you can connect external providers such as Google, Microsoft, GitHub, Okta, or Kakao using Single sign-on (SSO) and the Advanced / Manual configuration option. You need your own account with the identity provider, and you are responsible for creating and managing the app, client ID, client secret, redirect URI, and any other credentials in that provider.For step-by-step instructions, see the guide on setting up SSO in Base44.Advanced SSO configuration options
The Base44 SDK does not support User.login(), so if you try to use it in your code, you will see an error.To handle login on apps without custom login pages, always use base44.auth.redirectToLogin(nextUrl). This method sends the user to the login page and brings them back to your site after they sign in.If you are having issues with authentication, check that you are using this correct method in your app.Incorrect (will cause an error):
User.login(nextUrl);
Correct:
base44.auth.redirectToLogin(nextUrl);
Tip: If you see an error like “TypeError: User.login is not a function”, check your imports and ensure you are using base44.auth.redirectToLogin instead.
It depends on whether your app uses custom login pages.If your app has custom login pages, you can open and view these pages in the preview window, since they are regular pages in your app’s codebase.If your app uses Base44’s built-in authentication, you cannot test the full sign-up, login, or logout flows inside the preview window.To test your signup and login flows on a standard auth app:
  1. Publish your app.
  2. Open your app’s live URL in a browser.
  3. Go to the signup or login page.
  4. Complete the flow with a relevant, valid email address.
This way you see the same experience that people will have when they sign up or log in to your app on the live site.
The most common cause is that your app is set to Private. On a private app, only users who have been explicitly invited by email can log in. Anyone else will see an invalid login error, even if they enter valid credentials.To check and update your app’s visibility:
  1. Click Dashboard in your app editor.
  2. Click Overview.
  3. Under App Visibility, check the current setting.
    • If it is set to Private, make sure the user has been invited. Go to Users and click Invite User to add them.
    • If you want anyone to be able to sign up and log in, change the visibility to Public.
Other possible causes:
  • The user entered an incorrect email or password.
  • The user has not verified their email address after signing up.
  • The login session has expired. Ask the user to try logging in again.