Yes. Needle Engine runs as part of a standard web page or web application. It does not handle authentication directly, but you can implement authentication using standard web practices and connect it to your app.
How it works:
- Your surrounding web application - the page where Needle is used - handles the authentication flow (e.g., redirecting to an OAuth provider like Google, Azure AD, Auth0, Okta; or handling JWT tokens).
- Once the user is authenticated, your application’s frontend code has access to user information or tokens.
- You can use this authentication status to:
- Control access to the Needle Engine experience itself.
- Pass user information or tokens to Needle Engine components and scripts if needed, for example to personalize the experience or make authenticated API calls from within the 3D scene
- Secure backend API calls made from your Needle application using bearer tokens or session cookies.
Essentially, Needle Engine operates within the security context established by your broader web application.