A compact, URL-safe token format used for authentication and authorization. A JWT contains encoded claims (user ID, roles, expiration) signed with a secret key, so servers can verify identity without database lookups on every request. GenMB uses JWTs for deployed app access control and embed token verification.
An open standard for token-based authorization that lets users grant third-party apps limited access to their accounts without sharing passwords. "Sign in with Google" and "Sign in with GitHub" use OAuth 2.0. GenMB supports Google OAuth for generated apps through its built-in auth service and Clerk plugin.
A security model that restricts system access based on user roles (admin, editor, viewer) rather than individual permissions. Each role defines what actions a user can perform. GenMB provides a built-in RBAC service with a client SDK that generated apps can use to manage roles, check permissions, and gate features.
Put these concepts into practice. Describe your app idea and let GenMB generate the code.
Try GenMB Free