Build auth once.
Keep control forever.

Auth Platform gives your team a complete identity layer: hosted OAuth login, consent screens, OAuth 2.0 + PKCE, passkeys (WebAuthn), admin MFA, RS256 JWT sessions, and real-time session revocation from one self-hosted control plane.

Open Dashboard Read Docs
OAuth 2.0 + PKCE Passkeys + MFA RS256 + DPoP-ready Real-time revocation Multi-tenant apps
1Install SDK
2Create Callback Page
3Prompt AI
4Done

Built for teams

Designed for product teams, platform engineers, and security-conscious startups that want modern identity controls without outsourcing core auth. Own the stack, policy, and user data.

OAuth + PKCE
secure code flow by default
RS256
JWTs with optional DPoP support
WebAuthn
passkeys plus admin MFA
SSE
instant force-logout revocation

Capabilities

Modern auth surface.
Operational security built in.

🔒

Hosted OAuth login + consent

Ship a dedicated sign-in and consent flow where your app receives standards-based authorization codes and secure tokens.

🌐

Per-app policy controls

Configure OAuth SSO toggle, OTP, passkeys, redirect URI allowlists, login notifications, and token/session TTL per app.

⚙️

Defense-in-depth defaults

Use rate limits, brute-force protections, HttpOnly cookies, CSRF protection, and sender-constrained token support.

🛡️

Passkeys and admin MFA

Enable WebAuthn passkeys for stronger sign-in and manage admin MFA from settings with OTP verification workflows.

Real-time session control

Force-logout users instantly with SSE revocation signals, plus optional user email notifications for security transparency.

📊

Auditability and activity visibility

Track active sessions, login history, OAuth events, and app-level activity from a single operational dashboard.

Clear handoff

Built for product velocity and security rigor.

Product teams get smoother onboarding, security teams keep enforcement controls, and developers integrate with a small, stable SDK surface.

Layer 1

Authentication

Hosted login with email/password, OTP, and passkeys (WebAuthn), including per-application OAuth SSO enablement.

Layer 2

Authorization + consent

OAuth 2.0 Authorization Code with PKCE, redirect URI validation, and consent flows you can present, approve, and revoke safely.

Layer 3

Token and session security

RS256 JWT lifecycle, refresh handling, session stream revocation, force logout controls, and optional DPoP sender constraints.

Layer 4

Control plane and visibility

Manage apps, users, passkeys, MFA, and security settings while monitoring active sessions and global login activity.

Platform Architecture

Every flow, documented.

NPM SDK · OAuth 2.0 PKCE · Revocation-aware sessions

Auth in <5 lines.
Your users deserve it.

Install with npm, create a callback page, then paste this prompt into your AI editor and ship auth fast.

AI Integration Prompt
# Paste into GitHub Copilot / Cursor / Claude

Use auth-platform-sdk in my Next.js app.
Do exactly this: 1. Install: npm install auth-platform-sdk 2. Create /auth/callback page and set redirect URI to that path 3. Wire SDK in layout + home page with Sign In/Sign Out using AuthProvider and useAuth 4. Done: show final changed files and run commands
# Docs: https://your-auth-server.com/api/docs

Works with GitHub Copilot, Cursor, Windsurf, Claude, ChatGPT

Get started

Start from the dashboard.
Scale with confidence.

Use your own infrastructure, keep your own data, and ship identity with stronger defaults: consent, passkeys, MFA, revocation, and operational visibility.

Go to Dashboard Read the Docs
Getting started in 4 steps
1
Install SDK Run npm install auth-platform-sdk in your app.
2
Create callback page Add /auth/callback and configure the redirect URI.
3
Prompt AI Use the prompt block to generate the integration quickly.
4
Done Start the app and verify login/logout works end-to-end.