> ## Documentation Index
> Fetch the complete documentation index at: https://docs.startale.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

> Users sign in to Startale with Google, LINE, passkey, or an existing wallet. The smart-account address stays the same regardless of method.

Users authenticate through the Startale App popup. Three sign-in options are available:

* Google
* LINE
* Passkey

A fourth path, **Connect a wallet**, lets users authenticate with MetaMask or any EIP-6963-compatible wallet. That wallet is linked as an EOA; the active signer for transactions is always the user's smart account.

A user's smart-account address is determined by their account in the Startale system, not by the auth method they chose. A user who signs in with Google on one device and passkey on another lands on the same smart account.

## Restricting auth methods

Use `Preference.authType` to limit which social providers are offered:

```ts theme={null}
startaleConnector({
  appName: 'My App',
  preference: {
    authType: 'google',
  },
})
```

Accepted values: `'google'`, `'line'`. When omitted, the popup offers all available methods. Passkey and wallet connection are not filterable through `authType`. EOA linking is configured separately through `eoaRequired`.

## Requiring a linked EOA

Set `Preference.eoaRequired: true` to force users to link a MetaMask wallet during connection. The smart account remains the signer for transactions. The linked EOA is exposed read-only via [the Mini App runtime context](/miniapps/runtime-context) for identity continuity use cases.

## Session lifetime and limits

Sessions are managed by the Startale App. The Startale App SDK does not impose its own session timeout, idle limit, or concurrent-session cap on top of that.

**What `disconnect()` does.** Calling `disconnect()` (or wagmi's `useDisconnect()`) clears the SDK's local connection state in browser `localStorage`, namely the smart-account address, active chain, and cached metadata. It does not sign the user out of the Startale App itself. Reconnecting from your application reuses the same smart-account address without re-authentication, as long as the user's Startale App session is still active.

**Multi-device.** A user can be signed in on multiple devices and browsers concurrently. Disconnecting on one device has no effect on the others.

**Token refresh.** Your application never sees the user's auth token. The Startale App owns the session lifecycle, and the SDK does not perform silent refresh. If a user's Startale session ends through manual sign-out or auth-provider expiry, the next signed request through your application reopens the popup for re-authentication. During that window, `useAccount()` flips to disconnected briefly until the user completes the popup flow.