Identity infrastructure for your apps

Authentication, roles, organizations, and a full OAuth2 / OpenID Connect provider. Everything you need to manage who can access what.

Platform

Everything you need, nothing you don't

OAuth2 & OpenID Connect

Standards-compliant authorization code flow with PKCE, client credentials grants, refresh token rotation, and full OIDC discovery. JWT or opaque tokens — your choice.

Roles & Permissions

Define fine-grained permissions with a simple resource:action format. Compose them into roles and assign to users at the environment or organization level.

Organizations

Multi-org support out of the box. Memberships, org-level roles, and email invitations with expiry. Organization context flows into tokens as claims.

Environments

Separate test and production data completely. Each environment gets its own subdomain, users, API clients, and signing keys. Ship with confidence.

Management API

A full JSON:API for every resource — users, roles, clients, scopes, signing keys, organizations, and more. Automate everything or build your own dashboard.

Audit Trail

Every action is logged with the actor, targets, and field-level changes. Know exactly who did what and when — built in from day one.

PKCE

S256 code challenge for public clients. Secure auth flows in SPAs, mobile apps, and CLIs.

Token Introspection

RFC 7662 endpoint for validating tokens without parsing JWTs yourself.

Key Rotation

RSA 4096-bit signing keys with JWKS. Rotate keys without breaking existing tokens.

Rate Limiting

Built-in per-IP rate limiting on auth and token endpoints. Configurable thresholds.

Argon2 Passwords

Memory-hard password hashing with timing-safe verification. No shortcuts on security.

Consent Management

Per-user, per-client consent grants. First-party apps skip the consent screen.

Custom Scopes

Define scopes with claim mappings per environment. Standard OIDC scopes included.

Dashboard

Manage users, roles, clients, keys, and organizations from a built-in admin UI.

Start building

Follow the quick start guide and add login to your app in minutes.

Get Started