Accounts

AuthN manages a database of user accounts with sign-in credentials like passwords and OAuth identities.

Your application's frontend relies on AuthN for creating accounts, logging in, forgotten passwords, and session maintenance.

Your application's backend relies on AuthN for account moderation actions like locking, unlocking, archiving, and forcing password changes.

Microservice

Service architecture is the safest architecture for your sensitive password data and authentication logic.

Traditional libraries live inside your application's ever-growing security perimeter. Any vulnerability you or your dependencies introduce with an unrelated change is a potential vector for compromised accounts.

AuthN is fast, stable, and secure, no matter your platform.

Features

Usernames & Passwords

Classic signup, login, and logout. Secure, hardened, and isolated.

OAuth Logins

Integrate with login providers such as Facebook, Google, and GitHub.

Passwordless Logins

Log your users in with a simple emailed link.

Business Metrics

Track your active accounts by day, week, and month. See your application's usage and adoption rates!

Sessions for Apps and APIs

Session tokens may be sent with cookies or headers.

Single Sign-On

Sessions may transfer across authorized domains.

Password Reset Tokens

Securely generate, validate, and expire password reset tokens.

Forced Password Changes

Require an account to reset their password before logging in, for any reason.

Account Archival

Delete personal information from archived accounts.

Account Locking

Prevents an account from logging in without permanently archiving it.

Revokable Sessions

Don't just delete session cookies, revoke them permanently.

Session Timeouts

Sessions may expire after inactivity.

Expiring Sessions

Sessions may expire after a hard cut-off.

Password Complexity Validations

One simple setting — 0 to 5 — controls how complex passwords must be. Based on real-world attack patterns.

Compare

AuthN

Library

SaaS

Standalone Service

Remove complexity and responsibility from your application.

Password Vault

Isolate sensitive data with a split database architecture.

Open Source

Free and transparent. No security through obscurity.

Independent

Platform agnostic with no vendor lock-in.

Getting Started

1. Run the AuthN service

Run it locally with Docker:


docker run -it --rm \
  --publish 8080:3000 \
  -e AUTHN_URL=localhost:8080 \
  -e APP_DOMAINS=localhost \
  -e DATABASE_URL=sqlite3://:memory:?mode=memory\&cache=shared \
  -e SECRET_KEY_BASE='my-authn-test-secret' \
  -e HTTP_AUTH_USERNAME=hello \
  -e HTTP_AUTH_PASSWORD=world \
  --name authn_app \
  keratin/authn-server:latest \
  sh -c "./authn migrate && ./authn server"

You can now verify it's running by opening http://localhost:8080/health in your browser.

2. Add backend & frontend clients

AuthN integrates with both your backend and your frontend.

Backend:

Ruby

Go
Frontend:

JavaScript

3. Integrate features

Basic Features

Other Guides

All Documentation