Signing in
AgentValet’s dashboard authentication is handled by Clerk . When you sign up or log in, you’re going through Clerk’s hosted flow.
Sign-in methods
- Email + password — the default
- GitHub — one-click social sign-in
- Passkey (WebAuthn) — available for action approval; dashboard sign-in via passkey is in the pipeline but not yet enabled
If you forget your password, the Forgot password? link on the sign-in form sends a one-time code to your registered email. No password reset wait.
What signing in actually does
When you sign in, Clerk issues two JWTs:
- A standard session JWT — used by the dashboard to fetch your data through Supabase row-level security
- A second JWT signed against AgentValet’s proxy — used when the dashboard calls the proxy on your behalf (e.g., to approve a queued action)
Both expire on a short rotation. You don’t need to think about either; the dashboard refreshes them in the background.
Multiple devices
You can be signed in on as many devices as you like. The dashboard works on any modern browser, plus a touch-optimised view at /m/* for mobile approvals. Push notifications register per-device when you grant permission on each one.
SSO and SCIM
Single sign-on (SAML / OIDC) and SCIM user provisioning are on the roadmap for the Enterprise tier. Today, every user authenticates through Clerk’s hosted flow regardless of plan.
If you need SSO for evaluating AgentValet at your org, get in touch — early-adopter conversations are how the SSO scope gets shaped.
Signing out
The user menu in the dashboard top-right has a sign-out option. It clears Clerk’s session everywhere, so other devices will be signed out on their next request. Your agents are unaffected — they sign with their own keys, not your session.