Overview
ZeroPath supports multiple authentication methods through a unified login experience. All authentication is handled securely, with session management designed for both interactive dashboard use and API access.Supported Providers
ZeroPath supports the following login methods:| Provider | Type | Availability |
|---|---|---|
| Email / Password | Standard | All plans |
| Social SSO | All plans | |
| GitHub | Social SSO | All plans |
| Microsoft / Azure AD | Social SSO | All plans |
| SAML | Enterprise SSO | Enterprise plans |
| OIDC | Enterprise SSO | Enterprise plans |
Login Flow
- Visit zeropath.com/login.
- Click “Log In” (or “Sign Up” for new accounts).
- Choose your authentication method (email/password, Google, GitHub, Microsoft, or your organization’s SSO).
- After successful authentication, you’re redirected to the ZeroPath dashboard.
Session Management
- Sessions are created upon successful login and stored as secure, HTTP-only cookies.
- Session tokens are cryptographically hashed before storage — the raw token exists only in your browser cookie.
- Sessions persist for up to 1 year unless explicitly logged out.
- Each session is tied to a single user and organization.
Switching Organizations
If you belong to multiple organizations, the active organization is stored in a separate cookie. You can switch organizations from the dashboard without re-authenticating.Security Notes
- All authentication traffic uses HTTPS encryption.
- Session secrets are cryptographically hashed before database storage.
- Cookies are configured with
Secure,HttpOnly(for session), andSameSite=Laxattributes. - Logout invalidates both the local session and the upstream identity provider session.