Sentinel

Auth Providers

Works with any auth provider

Sentinel is designed to work with any authentication provider. Whether you use Supabase, Better Auth, Auth0, Firebase, or any other auth solution, Sentinel can protect your signup flow.

The integration is simple: call the Sentinel API before creating the user in your auth provider. If Sentinel blocks the signup, don't proceed with user creation.

How it works

1

User submits signup form with email/password

2

Your app calls Sentinel API with the email address

3

Sentinel checks email, domain, and IP against threat databases

4

If allowed, proceed with your auth provider's signup

5

If blocked, show error message to user

Supabase

import { createClient } from '@supabase/supabase-js';

const supabase = createClient(SUPABASE_URL, SUPABASE_KEY);

async function handleSignup(email: string, password: string) {
  // 1. Check with Sentinel first
  const checkResponse = await fetch('/api/sentinel/v1/check', {
    method: 'POST',
    headers: {
      'Content-Type': 'application/json',
      'Authorization': 'Bearer YOUR_API_KEY'
    },
    body: JSON.stringify({ email })
  });

  const result = await checkResponse.json();

  if (!result.allowed) {
    throw new Error(result.reason || 'Signup blocked');
  }

  // 2. Proceed with Supabase signup
  const { data, error } = await supabase.auth.signUp({
    email,
    password,
  });

  return data;
}

Better Auth

import { authClient } from './auth';

async function handleSignup(email: string, password: string, name: string) {
  // 1. Check with Sentinel first
  const checkResponse = await fetch('/api/sentinel/v1/check', {
    method: 'POST',
    headers: {
      'Content-Type': 'application/json',
      'Authorization': 'Bearer YOUR_API_KEY'
    },
    body: JSON.stringify({ email })
  });

  const result = await checkResponse.json();

  if (!result.allowed) {
    throw new Error(result.reason || 'Signup blocked');
  }

  // 2. Proceed with Better Auth signup
  await authClient.signUp.email({
    email,
    password,
    name,
  });
}

Auth0

import { useAuth0 } from '@auth0/auth0-react';

function SignupForm() {
  const { loginWithRedirect } = useAuth0();

  async function handleSignup(email: string) {
    // 1. Check with Sentinel first
    const checkResponse = await fetch('/api/sentinel/v1/check', {
      method: 'POST',
      headers: {
        'Content-Type': 'application/json',
        'Authorization': 'Bearer YOUR_API_KEY'
      },
      body: JSON.stringify({ email })
    });

    const result = await checkResponse.json();

    if (!result.allowed) {
      throw new Error(result.reason || 'Signup blocked');
    }

    // 2. Proceed with Auth0 signup
    await loginWithRedirect({
      authorizationParams: {
        screen_hint: 'signup',
        login_hint: email,
      },
    });
  }
}

Firebase

import { createUserWithEmailAndPassword } from 'firebase/auth';
import { auth } from './firebase';

async function handleSignup(email: string, password: string) {
  // 1. Check with Sentinel first
  const checkResponse = await fetch('/api/sentinel/v1/check', {
    method: 'POST',
    headers: {
      'Content-Type': 'application/json',
      'Authorization': 'Bearer YOUR_API_KEY'
    },
    body: JSON.stringify({ email })
  });

  const result = await checkResponse.json();

  if (!result.allowed) {
    throw new Error(result.reason || 'Signup blocked');
  }

  // 2. Proceed with Firebase signup
  const userCredential = await createUserWithEmailAndPassword(
    auth,
    email,
    password
  );

  return userCredential;
}

OAuth Providers (Google, GitHub, etc.)

For OAuth signups, check the user's email in your callback handler after the OAuth flow completes:

// app/auth/callback/route.ts
import { NextRequest, NextResponse } from 'next/server';

export async function GET(request: NextRequest) {
  // Exchange code for session with your auth provider
  const { user } = await exchangeCodeForSession(code);

  // Check with Sentinel
  const checkResponse = await fetch('https://api.sentinel.com/v1/check', {
    method: 'POST',
    headers: {
      'Content-Type': 'application/json',
      'Authorization': 'Bearer YOUR_API_KEY'
    },
    body: JSON.stringify({
      email: user.email,
      ip: request.headers.get('x-forwarded-for')
    })
  });

  const result = await checkResponse.json();

  if (!result.allowed) {
    // Delete the just-created user
    await deleteUser(user.id);
    return NextResponse.redirect('/auth/blocked');
  }

  return NextResponse.redirect('/dashboard');
}

React Hook (Recommended)

For the best developer experience, use our React hook:

import { useSentinelSignupCheck } from '@sentinel/react';

function SignupForm() {
  const { checkSignup, isChecking } = useSentinelSignupCheck();

  async function onSubmit(email: string, password: string) {
    // Check with Sentinel
    const result = await checkSignup(email);

    if (!result.allowed) {
      toast.error(result.reason);
      return;
    }

    // Proceed with any auth provider...
    await yourAuthProvider.signUp({ email, password });
  }

  return (
    <form onSubmit={handleSubmit(onSubmit)}>
      <input type="email" name="email" />
      <input type="password" name="password" />
      <button disabled={isChecking}>
        {isChecking ? 'Checking...' : 'Sign Up'}
      </button>
    </form>
  );
}
Get StartedReference