🌍 Global Mirror — Visit original CN site →
Skip to main content
In this tutorial, we will build a chatbot that only lets specific users access it. We’ll start with the LangGraph template and add token-based security step by step. By the end, you’ll have a working chatbot that checks for valid tokens before allowing access. This is part 1 of our authentication series:
  1. Set up custom authentication (you are here) - Control who can access your bot
  2. Make conversations private - Let users have private conversations
  3. Connect an authentication provider - Add real user accounts and validate using OAuth2 for production
This guide assumes basic familiarity with the following concepts:
Custom auth is only available for LangSmith SaaS deployments or Enterprise Self-Hosted deployments.

​
1. Create your app

Create a new chatbot using the LangGraph starter template: 
pip install -U "langgraph-cli[inmem]"
langgraph new --template=new-langgraph-project-python custom-auth
cd custom-auth
The template gives us a placeholder LangGraph app. Try it out by installing the local dependencies and running the development server: 
pip install -e .
langgraph dev
The server will start and open Studio in your browser: 
> - 🚀 API: http://127.0.0.1:2024
> - 🎨 Studio UI: https://smith.langchain.com/studio/?baseUrl=http://127.0.0.1:2024
> - đź“š API Docs: http://127.0.0.1:2024/docs
>
> This in-memory server is designed for development and testing.
> For production use, please use LangSmith.
If you were to self-host this on the public internet, anyone could access it. No authentication: the dev server is publicly reachable, anyone can access the bot if exposed to the internet.

​
2. Add authentication

Now that you have a base LangGraph app, add authentication to it.
In this tutorial, you will start with a hard-coded token for example purposes. You will get to a “production-ready” authentication scheme in the third tutorial.
The Auth object lets you register an authentication function that the LangSmith deployment will run on every request. This function receives each request and decides whether to accept or reject. Create a new file src/security/auth.py. This is where your code will live to check if users are allowed to access your bot:
src/security/auth.py
from langgraph_sdk import Auth

# This is our toy user database. Do not do this in production
VALID_TOKENS = {
    "user1-token": {"id": "user1", "name": "Alice"},
    "user2-token": {"id": "user2", "name": "Bob"},
}

# The "Auth" object is a container that LangGraph will use to mark our authentication function
auth = Auth()


# The `authenticate` decorator tells LangGraph to call this function as middleware
# for every request. This will determine whether the request is allowed or not
@auth.authenticate
async def get_current_user(authorization: str | None) -> Auth.types.MinimalUserDict:
    """Check if the user's token is valid."""
    assert authorization
    scheme, token = authorization.split()
    assert scheme.lower() == "bearer"
    # Check if token is valid
    if token not in VALID_TOKENS:
        raise Auth.exceptions.HTTPException(status_code=401, detail="Invalid token")

    # Return user info if valid
    user_data = VALID_TOKENS[token]
    return {
        "identity": user_data["id"],
    }
Notice that your Auth.authenticate handler does two important things:
  1. Checks if a valid token is provided in the request’s Authorization header
  2. Returns the user’s MinimalUserDict
Now tell LangGraph to use authentication by adding the following to the langgraph.json configuration:
langgraph.json
{
  "dependencies": ["."],
  "graphs": {
    "agent": "./src/agent/graph.py:graph"
  },
  "env": ".env",
  "auth": {
    "path": "src/security/auth.py:auth"
  }
}

​
3. Test your bot

Start the server again to test everything out: 
langgraph dev --no-browser
If you didn’t add the --no-browser, the Studio UI will open in the browser. By default, we also permit access from Studio, even when using custom auth. This makes it easier to develop and test your bot in Studio. You can remove this alternative authentication option by setting disable_studio_auth: true in your auth configuration: 
{
    "auth": {
        "path": "src/security/auth.py:auth",
        "disable_studio_auth": true
    }
}

​
4. Chat with your bot

You should now only be able to access the bot if you provide a valid token in the request header. Users will still, however, be able to access each other’s resources until you add resource authorization handlers in the next section of the tutorial. Auth gate passes requests with a valid token, but no per-resource filters are applied yet—so users share visibility until authorization handlers are added in the next step. Run the following code in a file or notebook: 
from langgraph_sdk import get_client

# Try without a token (should fail)
client = get_client(url="http://localhost:2024")
try:
    thread = await client.threads.create()
    print("❌ Should have failed without token!")
except Exception as e:
    print("âś… Correctly blocked access:", e)

# Try with a valid token
client = get_client(
    url="http://localhost:2024", headers={"Authorization": "Bearer user1-token"}
)

# Create a thread and chat
thread = await client.threads.create()
print(f"âś… Created thread as Alice: {thread['thread_id']}")

response = await client.runs.create(
    thread_id=thread["thread_id"],
    assistant_id="agent",
    input={"messages": [{"role": "user", "content": "Hello!"}]},
)
print("âś… Bot responded:")
print(response)
You should see that:
  1. Without a valid token, we can’t access the bot
  2. With a valid token, we can create threads and chat
Congratulations! You’ve built a chatbot that only lets “authenticated” users access it. While this system doesn’t (yet) implement a production-ready security scheme, we’ve learned the basic mechanics of how to control access to our bot. In the next tutorial, we’ll learn how to give each user their own private conversations.

​
Next steps

Now that you can control who accesses your bot, you might want to:
  1. Continue the tutorial by going to Make conversations private to learn about resource authorization.
  2. Read more about authentication concepts.
  3. Check out the API reference for Auth, Auth.authenticate, and MinimalUserDict for more authentication details.
Edit this page on GitHub or file an issue.
Connect these docs to Claude, VSCode, and more via MCP for real-time answers.
No authentication: the dev server is publicly reachable, anyone can access the bot if exposed to the internet.
Auth gate passes requests with a valid token, but no per-resource filters are applied yet—so users share visibility until authorization handlers are added in the next step.