03 · Authentication

Auth that's
done in
an afternoon.

Everything authentication should be: email and password, 20+ social providers, magic links, MFA, passkeys, multi-tenant orgs, and role-based access control — all built in, fully managed, and ready to integrate in minutes.

Start free → Compare options

The problem

Auth is deceptively hard

Secure password hashing, session management, token rotation, OAuth callback flows, CSRF protection — every detail matters, and getting one wrong creates a security vulnerability.

Building it yourself takes weeks

A minimal auth system takes 2–3 weeks. A complete one with social login, MFA, and multi-tenant orgs can take 3 months. Every week you spend on auth is a week not spent on your product.

SaaS auth charges per user

Most managed auth platforms charge per Monthly Active User. As your user base grows, your auth bill grows with it — sometimes becoming your largest infrastructure cost.

Everything included

Complete auth.
Not partial auth.

📧

Email & password

Secure bcrypt hashing, email verification, forgot-password flows. The foundation, done right.

🌐

20+ OAuth providers

Google, GitHub, Apple, Microsoft, Discord, Slack, LinkedIn, and more. One line to add each.

✨

Magic links

Passwordless login via email link. One-time tokens, expiring in minutes. Zero friction for users.

🔐

MFA & passkeys

TOTP (Google Authenticator), SMS OTP, and WebAuthn passkeys. All supported, all configurable.

🏢

Multi-tenant orgs

Users belong to organizations. Invite, remove, transfer ownership. Perfect for SaaS and agency apps.

🔑

RBAC

Define roles and permissions. Admin, member, viewer — or any custom roles. Enforce at the API level.

🧩

Drop-in UI components

Pre-built React sign-in, sign-up, MFA, and org management UIs. Fully customizable to your brand.

📊

Auth analytics

Sign-up trends, active sessions, failed login attempts, MFA adoption rate. Spot anomalies early.

How it works

15 minutes
from zero to
full auth.

Create an auth project

One click in the dashboard. Your auth instance is provisioned with a unique API endpoint and credentials.

Configure your providers

Enable email/password, add social providers with your OAuth credentials, turn on magic links — all from the UI.

Integrate the SDK

Install our SDK or use the REST API directly. Drop in the pre-built UI components or call the API from your existing forms.

Configure orgs and roles

Enable multi-tenant orgs, define your roles and permissions, and deploy. Your users can now sign up, invite teammates, and manage access.

TYPESCRIPT
import { createOnvixAuth } from'@onvix/auth'const auth = createOnvixAuth({
  projectId: process.env.ONVIX_PROJECT_ID,
  providers: [
    emailPassword({ verification: true }),
    google({ clientId: process.env.GOOGLE_CLIENT_ID }),
    github({ clientId: process.env.GITHUB_CLIENT_ID }),
    magicLink(),
  ],
  multiTenant: true,
  mfa: { totp: true, sms: true },
  rbac: {
    roles: ['owner', 'admin', 'member'],
    defaultRole: 'member'
  }
})

// All endpoints ready to use:// POST /auth/sign-up/email// GET  /auth/sign-in/google// POST /auth/magic-link/send// POST /auth/mfa/verify// POST /auth/orgs/invite

Real world scenarios

SaaS product

Team collaboration with org-level access

A project management SaaS uses multi-tenant orgs so teams can invite colleagues, assign admin or member roles, and keep data isolated by workspace. Users switch between orgs without logging out.

Agency platform

White-labeled auth per client

An agency builds a platform serving 18 brands. Each brand is an org with its own members and custom roles. The agency's developers are admins across all orgs. Auth took one afternoon to set up.

Consumer app

Reducing sign-up friction with magic links

A consumer app switches from passwords to magic links. Sign-up friction drops, password reset support tickets disappear. User retention improves because there are no forgotten passwords to stop a return visit.

How we compare

Feature	ONVIX	Open-source BaaS	Cloud Identity	Auth-only SaaS
Multi-tenant orgs	✓ Built-in	Plugin required	Complex config	✓
Pricing model	Flat — no MAU fees	Open source / self-host	Per MAU	Per MAU
Magic links	✓	✓	Limited	✓
Passkeys (WebAuthn)	✓	Partial	✓	✓
Drop-in React UI	✓	Limited	Hosted page only	✓
Free tier	✓ Always	Self-hosted	Limited	Very limited
Integrated with deploy + DB + email	✓ One platform	Partial	✗	✗

Frequently asked

What login methods are supported?

Email and password, 20+ OAuth providers (Google, GitHub, Apple, Microsoft, Discord, Slack, and more), magic links, SMS OTP, TOTP (Google Authenticator), and WebAuthn passkeys. You enable each with a single line of configuration.

How does multi-tenant work?

Users can belong to multiple organizations. Each org has its own member list with independent roles. Your app can read the user's current org context from the session token to scope data access per org. Invite flows, member management, and role assignment are all handled by our API and UI components.

Is pricing based on Monthly Active Users?

No. Unlike most auth providers, we charge a flat monthly fee per project — not per user or per MAU. Your auth costs are the same whether you have 100 users or 100,000.

Can I migrate from my current auth provider?

Yes. We provide migration tools for most major providers. Passwords are migrated using a hash-on-next-login strategy — users don't need to reset passwords. OAuth accounts are linked automatically on first social login.

Do you provide login UI components?

Yes. Pre-built React components for sign-in, sign-up, forgot password, MFA enrollment, and org management. Fully styled but customizable — pass your own CSS classes or override the theme entirely.

What's in the free tier?

Up to 1,000 Monthly Active Users on the free tier. All login methods enabled. Multi-tenant orgs, RBAC, and MFA all included. The free tier is a real, fully featured auth system — not a 30-day trial.

Early Access

Auth in an afternoon. Free to start.

All five products include a generous free tier. No credit card required. Pricing announced at launch — early waitlist members lock in founding rates.

1,400+ builders already signed up · Free tier, always

Auth that'sdone inan afternoon.