# Passwordless Login Source: https://www.potatoannotator.com/docs/features/passwordless-login Potato supports passwordless authentication for low-stakes annotation tasks where security is less critical than ease of access. This allows annotators to log in with just a username, without requiring a password. ## Overview Passwordless login is useful when: - Running quick annotation studies with volunteers - Conducting internal team annotation sessions - Testing annotation configurations - Working with crowdsourcing platforms that handle authentication externally - Running classroom exercises or demos ## Configuration Enable passwordless login by setting `require_password: false`: ```yaml require_password: false # Optional: Specify authentication method authentication: method: in_memory # Default ``` ## Authentication Methods Potato supports three authentication backends, all compatible with passwordless mode: ### In-Memory (Default) Users are stored in memory only. Data is lost when the server restarts. ```yaml require_password: false authentication: method: in_memory ``` ### Database Users are persisted to a database: ```bash export POTATO_DB_CONNECTION="sqlite:///users.db" ``` ```yaml require_password: false authentication: method: database ``` ### Clerk SSO Integration with Clerk for enterprise single sign-on: ```bash export CLERK_API_KEY="your_api_key" export CLERK_FRONTEND_API="your_frontend_api" ``` ```yaml authentication: method: clerk ``` ## How It Works ### With Passwordless Enabled 1. User visits the login page 2. User enters only their username 3. System creates or authenticates the user without password verification 4. User proceeds to annotation ### User Registration In passwordless mode: - New users are automatically registered on first login - Only the username is required - Additional user data (if configured) is still collected ## Security Considerations Passwordless mode provides minimal security: - **No identity verification**: Anyone can claim any username - **Session hijacking**: Sessions can be easily impersonated - **No audit trail integrity**: User actions cannot be cryptographically verified **Recommended uses:** - Internal team annotation - Classroom exercises - Quick prototyping - Platforms with external authentication (Prolific, MTurk) **Not recommended for:** - Sensitive data annotation - Medical or legal annotation tasks - Tasks requiring verified annotator identity - Long-running studies with incentives ## User Configuration File Even in passwordless mode, you can pre-register users: ```yaml authentication: user_config_path: users.jsonl ``` **users.jsonl:** ```json {"username": "annotator1"} {"username": "annotator2"} {"username": "admin", "role": "admin"} ``` ## Migration ### From Password-Required to Passwordless 1. Update configuration: ```yaml require_password: false ``` 2. Existing users can still log in with or without their password ### From Passwordless to Password-Required 1. Update configuration: ```yaml require_password: true ``` 2. Existing passwordless users will need to register with a password ## Complete Example ```yaml annotation_task_name: "Quick Annotation Task" # Enable passwordless login for easy access require_password: false # Use database backend to persist users authentication: method: database # Task configuration data_files: - data/instances.json item_properties: id_key: id text_key: text annotation_schemes: - name: sentiment annotation_type: radio labels: [Positive, Negative, Neutral] description: "Select the sentiment" ``` ## Troubleshooting ### Users Can't Log In Check that: 1. `require_password: false` is set in the configuration 2. The authentication backend is properly initialized 3. There are no conflicting authentication settings ### User Data Not Persisting If using `in_memory` backend: - User data is lost on server restart - Switch to `database` backend for persistence ### Duplicate Username Errors In passwordless mode, users trying to register with an existing username are simply logged in as that user. This is by design for ease of use. ## Further Reading - [User Management](/docs/core-concepts/user-management) - User management features - [Crowdsourcing Integration](/docs/deployment/crowdsourcing) - Platform integration For implementation details, see the [source documentation](https://github.com/davidjurgens/potato/blob/main/docs/passwordless_login.md).