nlweb-auth-multitenancy
Installation
SKILL.md
NLWeb Auth & Multitenancy
Before writing code
Fetch live docs:
- Fetch https://github.com/nlweb-ai/NLWeb/blob/main/docs/setup-oauth.md for OAuth configuration.
- Fetch https://github.com/nlweb-ai/NLWeb/blob/main/docs/nlweb-memory.md for conversation persistence.
- Inspect
AskAgent/python/webserver/routes/oauth.pyfor the current OAuth flow. - Inspect
AskAgent/python/core/conversation_history.pyandstorage_providers/for persistence backends. - Check
config/config_oauth.yamlandconfig/config_storage.yamlfor current keys.
Conceptual Architecture
NLWeb's Auth Model — What It Does and Doesn't Do
NLWeb ships OAuth-based user identification — it lets a logged-in user have persistent conversation memory tied to their identity. It does not ship:
- Fine-grained authorization (per-site ACLs)
- API key auth for service-to-service callers
- Multi-tenant data isolation at the retrieval layer