ExecSignIn Pro is the secure authentication layer for operator portals — magic link login, role-based access control, session management, and full audit logging, deployed in minutes.
Storing hashed credentials, handling forgot-password flows, enforcing complexity rules — magic links eliminate credentials entirely. No password database means no password database breach.
Every portal has at least two access tiers and most have four or five. Building role enforcement across every route and API call is tedious and expensive. ExecSignIn Pro handles it at the auth layer.
Most developer-built auth systems log nothing. When an access incident happens there's no record of who accessed what and when. ExecSignIn Pro emits a complete audit event for every authenticated action.
Running your own auth server means managing uptime, scaling session storage, and keeping up with security patches. ExecSignIn Pro runs serverless on Netlify — no server to manage, no infrastructure to maintain.
Users enter their email and receive a one-time secure link — no passwords, no credential storage, no forgot-password flow. The link expires in 15 minutes, is single-use, and signs the user into a JWT session immediately on click.
Four built-in access tiers — Admin, Executive, Member, Guest — each with configurable permissions. Roles are embedded in the JWT and enforced at the function level. Add role checks with a single middleware call per route.
Stateless JWTs signed with a secret stored in Netlify environment variables — no session database required. Configurable expiry (1h, 8h, 24h, 7d), automatic token refresh on activity, and explicit logout with server-side invalidation.
OAuth 2.0 integrations for Google and GitHub are pre-configured — drop in your OAuth app credentials and both SSO buttons work immediately. Authenticated SSO users are mapped to portal roles on first login via configurable email-domain rules.
Every authentication event — login attempt, magic link sent, link expiry, token refresh, role change, explicit logout — is written to a structured audit log. Query by user, date range, or event type from the built-in audit dashboard.
A built-in admin console for managing portal members — invite users by email, assign or change roles, revoke access, view session activity, and reset invite status without needing a separate database UI.
Deployed as Netlify Functions — no server, no Docker, no devops. Fork the repo, set five environment variables (JWT secret, email provider key, OAuth credentials), deploy, and your portal has production-grade auth in under 20 minutes.
The login page is fully customizable — swap in your logo, set brand colors, add a portal-specific tagline, and configure what login methods appear. Ships as clean HTML + CSS with no framework dependencies.
Clone or fork the ExecSignIn Pro repository from GitHub. The entire auth system is contained in Netlify serverless functions and a static frontend — no external auth provider or backend database required.
In your Netlify site settings, set the five required environment variables: JWT_SECRET, EMAIL_API_KEY (for magic link delivery via Resend or Postmark), JWT_EXPIRY, and optionally GOOGLE and GITHUB OAuth credentials for SSO.
Connect the repo to Netlify and push. Functions deploy automatically. Your login page is live at your domain, magic links are deliverable, and the admin console is accessible at /admin immediately.
Import the ExecSignIn auth middleware and call requireRole('admin') at the top of any handler. Role enforcement is consistent, centralized, and one line per protected endpoint.
Magic links, role-based access, session management, SSO, and audit logging — deployed on serverless infrastructure with no backend to build or manage.
Serverless · No auth infrastructure · JWT + Magic Link · Audit-ready