Sign in with Google — or type any @gmail — and get a signed JWT in seconds. No account. No setup. Embed real roles, permissions, and seed data. Perfect for Playwright, Jest, Cypress, and any CI pipeline.
Only @gmail.com — mirrors real Google SSO constraint
Any key-value pairs embedded directly into the JWT. Core OIDC fields protected.
No SDK to install. One POST to /auth/mock returns a signed JWT. Works in any language.
Same signature algorithm and secret as production auth. Your app can't tell the difference.
Pass a JSON seed object. Any key-value lands in the JWT. Admin, Viewer, Billing — your choice.
DELETE /admin/cleanup purges all ghost users after your test suite. CI-friendly.
Drop-in ghostSignIn() helper. One call injects JWT into localStorage. E2E tests in 3 lines.
The service returns 404 without GHOST_MODE=true. Impossible to accidentally expose in prod.