Security Provider fundamentals
See how Security Providers drive login sessions, action restrictions, and protected page flows across a Wappler project.
Security Provider fundamentals
See how Security Providers drive login sessions, action restrictions, and protected page flows across a Wappler project.
In Demo Projects HQ the provider is not abstract. It is a Database provider named security, backed by the users table, with password verification enabled and an admin permission derived from the role column. That makes it a strong reference example for the most common real-world setup.
Security Provider fundamentals
Section titled “Security Provider fundamentals”Start with the shared provider layer, then follow it into the Demo Projects HQ login flow, page restriction, and secure server actions.
Start here
Setting up Site Security Settings
Understand Wappler Security Providers, provider types, and the shared settings that power login and access control across a project.
Using Globals in Server Connect
Use Globals in Server Connect to manage shared project settings such as database connections, security providers, mailer settings, and other reusable server-side configuration.
Login: Create a Working User Login Page
See the real Demo Projects HQ login flow, from the page form to the shared Security Provider.
Continue into protected flows
Security: Restricting Access to Your Page
Use the App Root security properties to understand shared layout protection, page-specific access rules, and the inspector fields that control login and permission redirects.
Server Connect Actions: Session & Cookie inputs
Understand session vs cookie data, how they relate to login/auth, and how to use them as inputs in actions.
Demo walkthrough: User update (routing + session + security)
Use the real users/update.json action in Demo Projects HQ to connect route params, session context, permissions, and a secure database update.
Go to