Route Auth vs. Basic Auth
🔒 Security
·
Updated 3 weeks ago
Route Auth vs. Basic Auth
GateControl offers two authentication methods per route. Here is a direct comparison:
Comparison Table
| Feature | Basic Auth | Route Auth |
|---|---|---|
| Login dialog | Browser-native | Custom login page |
| Branding | No | Logo, colors, text |
| 2FA / TOTP | No | Yes |
| Session duration | Until tab is closed | Configurable (1h–30 days) |
| Logout | No | Yes |
| Email Code (OTP) | No | Yes |
| SMTP required | No | Only for Email Code |
| API compatible | Yes (header) | No (browser session) |
| Setup effort | Minimal | Moderate |
When to Use Basic Auth?
- APIs and developer tools
- Simple services with few users
- Systems that support HTTP header authentication
When to Use Route Auth?
- Services for end users
- When 2FA / TOTP is required
- When a customizable login form is desired
- When clean logout functionality is important
Route Auth Methods
| Method | Description | SMTP required? |
|---|---|---|
| Email & Password | Login with email and password | No |
| Email & Code | 6-digit code via email | Yes |
| TOTP | Authenticator app | No |