
JWT + OAuth 2.0

Auth done properly — sessions, refresh, RBAC, SSO

What it is

JWT for stateless session tokens, OAuth 2.0 for delegated access (Google, Microsoft, GitHub login), with refresh tokens and role-based access control on top.

How Vaaani uses it

  • Multi-tenant dashboards with per-org data isolation
  • SSO into customer Microsoft / Google workspaces
  • API keys + scopes for partner access
  • Audit logs of every privileged action

Why it makes the cut

Auth bugs are security bugs. Vaaani uses battle-tested libraries (Auth.js, Passport, Clerk) — never roll your own.

Sample code

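import jwt from "jsonwebtoken";

// Sample user record; in an application this comes from the authenticated login.
const user = { id: "user-123", role: "admin" };

// Short-lived access token. The signing algorithm is stated explicitly
// (HS256 is also the library default for a shared secret).
const token = jwt.sign(
  { userId: user.id, role: user.role },
  process.env.JWT_SECRET,
  { algorithm: "HS256", expiresIn: "15m" }
);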
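
The receiving side of the token above, as an added example that is not Vaaani's code: the checks a verifier must make before trusting the `role` claim, written with Node's built-in crypto only so it runs without dependencies. The function names and sample values are hypothetical; in an application the library call `jwt.verify(token, secret, { algorithms: ["HS256"] })` performs the signature, algorithm and expiry checks.

```javascript
// Added illustration: what verifying an HS256 JWT and enforcing RBAC involves.
// verifyAccessToken, requireRole and signSample are hypothetical names.
const nodeCrypto = require("node:crypto");

const b64url = (value) => Buffer.from(value).toString("base64url");

// Builds a constructed sample token so the example runs offline.
function signSample(payload, secret, header = { alg: "HS256", typ: "JWT" }) {
  const input = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(payload))}`;
  const sig = nodeCrypto.createHmac("sha256", secret).update(input).digest("base64url");
  return `${input}.${sig}`;
}

function verifyAccessToken(token, secret, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split(".");
  if (parts.length !== 3) throw new Error("malformed token");
  const [h, p, s] = parts;
  const header = JSON.parse(Buffer.from(h, "base64url").toString("utf8"));
  // Pin the algorithm: the token's own header must not choose how it is verified.
  if (header.alg !== "HS256") throw new Error("unexpected algorithm");
  const expected = nodeCrypto.createHmac("sha256", secret).update(`${h}.${p}`).digest();
  const given = Buffer.from(s, "base64url");
  // Constant-time comparison; timingSafeEqual requires equal lengths.
  if (given.length !== expected.length || !nodeCrypto.timingSafeEqual(given, expected)) {
    throw new Error("bad signature");
  }
  // Claims are parsed and trusted only after the signature has checked out.
  const claims = JSON.parse(Buffer.from(p, "base64url").toString("utf8"));
  if (typeof claims.exp !== "number" || claims.exp <= nowSec) {
    throw new Error("token expired");
  }
  return claims;
}

// RBAC decision made on verified claims, never on the raw token body.
function requireRole(claims, allowedRoles) {
  if (!allowedRoles.includes(claims.role)) throw new Error("forbidden");
  return true;
}
```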
