Authentication & Execution Authority
Forge Pool separates authentication according to execution authority rather than user roles.
Instead of relying on a single credential for every operation, the platform distinguishes between human identity, public execution authority, and trusted runtime infrastructure. Each trust domain has its own authentication model and clearly defined responsibilities.
This separation minimizes privilege overlap, simplifies security boundaries, and allows the execution runtime to evolve independently from user-facing services.
Authentication Philosophy
Authentication in Forge Pool is built around three independent trust domains.
| Trust Domain | Purpose | Public |
|---|---|---|
| Human Identity | Authenticate users and manage platform resources | No |
| Execution Authority | Submit distributed workloads through the public API | Yes |
| Runtime Trust | Authenticate trusted execution infrastructure | No |
Each domain uses independent credentials and serves a different purpose within the execution platform.
Execution Authority Model
Forge Pool defines three credential classes.
| Credential | Primary Purpose | Can Execute Workloads | Public Interface |
|---|---|---|---|
| Project API Token | Public execution authority | ✓ | ✓ |
| User Token | Identity and platform management | ✗ | ✗ |
| Node Token | Trusted runtime participation | ✗ | ✗ |
Authentication therefore represents execution authority rather than a generic login mechanism.
Project API Tokens
Project API Tokens are the canonical credentials used to submit workloads through the public execution API.
Authorization: Bearer fpak_XXXXXXXXXXXXXXXXThese tokens are:
- scoped to a single project
- validated by the public API
- associated with billing and quota context
- required for public workload execution
Project API Tokens authorize execution.
They do not represent a human identity.
User Tokens
User Tokens authenticate human users interacting with the Forge platform.
Typical operations include:
- signing into Forge Studio
- managing projects
- creating Project API Tokens
- configuring infrastructure
- managing billing and organizations
User authentication is intentionally separated from workload execution.
Authenticated users manage execution resources, but workloads are executed through Project API Tokens.
Node Tokens
Node Tokens authenticate trusted runtime participants.
They are used internally for operations such as:
- runtime registration
- execution participation
- workload processing
- runtime verification
- execution reporting
Node credentials are never used as public API credentials and cannot be used to submit public execution requests.
Trust Boundaries
Separating authentication domains prevents authority overlap between users, projects, and runtime infrastructure.
This design prevents situations such as:
- user identities acting as execution credentials
- execution credentials impersonating runtime infrastructure
- runtime credentials accessing user-facing platform services
Each credential authenticates exactly one trust domain.
This separation simplifies auditing, improves operational security, and establishes clear execution boundaries throughout the platform.
Public Execution Flow
From the perspective of a public client, authentication follows a simple lifecycle.
User
↓
Project
↓
Project API Token
↓
Forge Pool API
↓
Planetary Kernel
↓
Execution ResultThe internal runtime authentication model remains behind the public execution contract.
Credential Lifecycle
Credentials are designed to support long-term operational management.
Project API Tokens can be generated, rotated, revoked, and replaced without affecting project identity.
User authentication follows the platform identity lifecycle.
Node credentials may be revoked or replaced independently as trusted runtime infrastructure evolves.
Credential lifecycle management provides controlled recovery from credential rotation, infrastructure changes, and compromise events without altering the public execution model.
Verification
Authentication establishes execution authority.
Verification establishes execution trust.
Successful authentication authorizes a workload for execution, while runtime verification confirms how that workload was executed and provides the evidence required for replay, inspection, and independent validation.
Related Documentation
Continue with:
Final Note
Authentication defines who may interact with the platform.
Execution authority defines who may submit workloads.
Runtime trust defines which infrastructure may participate in execution.
Treating these concerns as independent trust domains allows Forge Pool to maintain a stable public execution model while preserving strong security boundaries across the distributed execution platform.
