Products
For MCP developers
Drop-in OAuth 2.1 for MCP servers
For agent developers
Token vault and tool calling for Agents
For app developers
Complete auth infra for modern applications
Core Auth
Modern Login Methods
Enterprise Auth
Developers
Docs
Documentation and guides for seamless implementation
API reference
REST APIs and code samples
SDKs
Official, secure, and updated libraries
Resources
Customers
Hear from our customers
Release notes
Latest updates & enhancements
Blogs
Industry trends, insights & updates
Pricing
Talk to an engineer
Start for free
API OAuth
Secure your APIs with built-in OAuth
Enable organization-level API access with service accounts
Safeguard user-level API access with user-scoped tokens
Enforce scoped access and short-lived tokens all across
Get started
Learn more
Protect every API call: org-level or user-scoped
API auth done right: no static API keys, no brittle token hacks
Get started
User-scoped tokens
User-scoped tokens
Automate CLI scripts, AI Agents, APIs by enforcing users’ permissions
Eliminate over-permissioned API keys with short-lived, user-scoped tokens
Automatically revoke access when users are deactivated, eliminating dangling credentials
Service accounts
Service accounts
Eliminate shared API keys with short-lived, org-scoped tokens
Enable org-level automations unaffected by team changes
Automate invoice syncs, support ticket pulls, or org-wide analytics and more
Service-to-service communication
Service-to-service communication
Authenticate internal systems with audience-based validation without org or user dependencies
Perfect for microservices, APIs, background workers, and scheduled jobs
User-scoped tokens
User-scoped tokens
Automate CLI scripts, AI Agents, APIs by enforcing users’ permissions
Eliminate over-permissioned API keys with short-lived, user-scoped tokens
Automatically revoke access when users are deactivated, eliminating dangling credentials
Service accounts
Service accounts
Eliminate shared API keys with short-lived, org-scoped tokens
Enable org-level automations unaffected by team changes
Automate invoice syncs, support ticket pulls, or org-wide analytics and more
Service-to-service communication
Service-to-service communication
Authenticate internal systems with audience-based validation without org or user dependencies
Perfect for microservices, APIs, background workers, and scheduled jobs
Protect every API call: org-level or user-scoped
API auth done right: no static API keys, no brittle token hacks
Get early access
Service accounts
Service accounts
Eliminate shared API keys with short-lived, org-scoped tokens
Enable org-level automations unaffected by team changes
Automate invoice syncs, support ticket pulls, or org-wide analytics and more
User-scoped tokens
User-scoped tokens
Automate CLI scripts, AI Agents, APIs by enforcing users’ permissions
Eliminate over-permissioned API keys with short-lived, user-scoped tokens
Automatically revoke access when users are deactivated, eliminating dangling credentials
Service accounts
Service accounts
Eliminate shared API keys with short-lived, org-scoped tokens
Enable org-level automations unaffected by team changes
Automate invoice syncs, support ticket pulls, or org-wide analytics and more
User-scoped tokens
User-scoped tokens
Automate CLI scripts, AI Agents, APIs by enforcing users’ permissions
Eliminate over-permissioned API keys with short-lived, user-scoped tokens
Automatically revoke access when users are deactivated, eliminating dangling credentials
Service-to-service communication
Authenticate internal systems with audience-based validation without org or user dependencies
Perfect for microservices, APIs, background workers, and scheduled jobs
Add “Sign in with [Your App]” in minutes
Fully managed OAuth token lifecycle for your third-party apps. Issue, rotate, and revoke tokens, out-of-the-box
Get started
Register and manage third-party apps
Scoped OAuth credentials for each app to enforce least-privilege access by default
Build your app marketplace
Let partners integrate with secure, scoped access simplifying connections
Coming Soon
Unify identity across all your apps
Eliminate multiple sign-ins and fragmented user profiles. Offer a single login experience across dashboards, vendor portals, and community forums
Single user identity, multiple apps
Single user identity, multiple apps
Simplified login, user deactivation, logout, and session management
Granular access for each app
Granular access for each app
Define which users can access which apps while keeping user identity and login unified
Your APIs deserve smart, purpose-built auth
Get started
Stack-ready SDKs
SDKs for Node.js, Python, Go, and Java plus REST APIs and code samples
Secure by design
Battle-tested security - GDPR, CCPA, SOC 2, ISO compliant
Easy token rotation
Rotate credentials to keep your APIs secure without downtime
Flexible API auth
Manage workflow either programmatically or with dashboards
Secure your APIs today!
Replace API keys with OAuth-powered tokens that are scoped, short-lived, and machine ready.
Get started
