Graph Shapes by App Type
A crawl maps your app into a Knowledge Graph. Its shape reflects how the app gates access.
No auth — marketing site
One public zone, fully connected from the entry point.
(/) ─→ /about
├─→ /pricing ─→ /signup
├─→ /blog ─→ /blog/post
└─→ /contact
Public + auth
A public shell and a gated app, joined at the login page. The login → app edge is only crossed after authentication.
PUBLIC AUTHED
(/) ─→ /about
├─→ /pricing
└─→ /login ──[ auth ]──→ /dashboard ─→ /tasks
└─→ /settings
Auth only
The entry point redirects to login, so the graph depends on credentials:
No / bad creds: (/) ─→ /login ⊣ AUTH failure — login is the only node
Valid creds: (/) ─→ /login ─auth→ /dashboard ─→ /tasks ─→ /reports
An auth wall reached without valid credentials is reported as an AUTH failure — not an empty success.
Auth + tiered permissions
Roadmap
Multi-role crawling is planned. Today a crawl runs as a single credential set.
One page set, role-gated. The graph is the union of what every role can reach, with each node tagged by the roles that can see it (denials recorded too).
/dashboard {admin, member, viewer}
├─ /tasks {admin, member, viewer}
├─ /reports {admin, member} ← viewer denied
└─ /users {admin} ← member, viewer denied
Built by crawling once per credential tier, then merging the results.
What the graph records
| On | Attribute | Meaning |
|---|---|---|
| Node | zone | public or authed |
| Node | status | 200, redirect-to-login, or denied |
| Node | accessible by | roles that can reach it (tiered apps) |
| Edge | crosses auth | the login → app transition |
| Run | outcome | auth-only with no credentials → AUTH failure |
Related
- Crawling your application — auth config, exclude patterns, depth limits
- Knowledge Graph overview