> ## Documentation Index
> Fetch the complete documentation index at: https://www.dynamic.xyz/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Architecture / Flow

> How authentication is performed between the client/end-user and Dynamic.

## How authentication is performed (Client / end-user ↔ Dynamic)

When using Dynamic as the auth provider, authentication happens between the end-user (via the Dynamic SDK in your app) and Dynamic's backend. Your server is not involved in the authentication step itself.

```mermaid theme={"system"}
sequenceDiagram
    participant User as End User
    participant SDK as Your App with Dynamic SDK
    participant Dynamic as Dynamic Backend

    User->>SDK: Initiates sign-in (email, wallet, social, etc.)
    SDK->>Dynamic: Sends auth request (OTP code, wallet signature, OAuth callback, etc.)
    Dynamic->>Dynamic: Verifies credential
    Dynamic->>SDK: Returns JWT + user object
    SDK->>SDK: Stores JWT, establishes session
    SDK->>User: User is authenticated
```

1. The user initiates sign-in through the Dynamic SDK embedded in your app.
2. The SDK sends the authentication data to Dynamic's backend (e.g. the signed message, OTP code, or OAuth callback data).
3. Dynamic verifies the credential and, if [access control](/overview/access-control/overview) passes, issues a JWT.
4. The SDK stores the JWT (in a cookie or in-app storage), builds the user object, and the user is authenticated.

For auth methods and SDK links, see [Auth methods](/overview/authentication/dynamic-auth/auth-methods). For using the JWT to protect your backend, see [Protecting your servers](/overview/authentication/dynamic-auth/protect-servers).