Auth + RBAC Module

Marketing operations with role-aware access from day one.

AuraOS ships with secure credentials login, JWT-backed API access, and route-level RBAC for admin, operator, and client roles.

JWT for APIs

`POST /api/auth/sign-in` returns a bearer token for service-to-service and workflow usage.

Route guards

Web sessions are protected with middleware and role-specific access rules across dashboard, clients, content, contracts, reports, portal, and settings.

AuraOS

Sign in

Use the seeded admin account or one of the operator/client accounts you provision later.