Drop-in auth for your apps

Stop rebuilding login.
Ship the rest.

Hosted authentication with email verification, MFA, and JWTs your services verify in ten lines of code. Deploy once, brand it per app.

No credit card required. 60 seconds to first JWT.

import { jwtVerify, createRemoteJWKSet } from 'jose';

const JWKS = createRemoteJWKSet(
  new URL('https://auth.myauthservice.com/.well-known/jwks.json')
);

export async function verify(token) {
  const { payload } = await jwtVerify(token, JWKS, {
    issuer: 'https://auth.myauthservice.com',
    audience: 'myauthservice',
  });
  return payload;
}

Per-app branding

Each consuming service sends its own verify and reset emails from its own domain. Users never see another product’s name.

Stateless verification

Issue rotating JWTs. Other services verify against /.well-known/jwks.json — no callback, no DB hit on every request.

TOTP MFA + sessions

Refresh-token rotation, revocable sessions, TOTP enrollment. Audit log of every auth event in Postgres.

Ready in the time it took to read this page.

Create your account, provision a service client, and start verifying tokens in your app today.

Stop rebuilding login.Ship the rest.

Per-app branding

Stateless verification

TOTP MFA + sessions

Ready in the time it took to read this page.

Stop rebuilding login.
Ship the rest.