AuthN

Modern, open source, web app authentication.

Accounts

AuthN manages a database of user accounts with sign-in credentials like passwords and OAuth identities.

Your application's frontend relies on AuthN for creating accounts, logging in, forgotten passwords, and session maintenance.

Your application's backend relies on AuthN for account moderation actions like locking, unlocking, archiving, and forcing password changes.

Microservice

Service architecture is the safest architecture for your sensitive password data and authentication logic.

Traditional libraries live inside your application's ever-growing security perimiter. Any vulnerability you or your dependencies introduce with an unrelated change is a potential vector for compromised accounts.

AuthN is fast, stable, and secure, no matter your platform.

Features

Usernames & Passwords
Classic signup, login, and logout. Secure, hardened, and isolated.
OAuth Logins
Integrate with login providers such as Facebook, Google, and GitHub.
Passwordless Logins
Log your users in with a simple emailed link.
Business Metrics
Track your active accounts by day, week, and month. See your application's usage and adoption rates!
Sessions for Apps and APIs
Session tokens may be sent with cookies or headers.
Single Sign-On
Sessions may transfer across authorized domains.
Password Reset Tokens
Securely generate, validate, and expire password reset tokens.
Forced Password Changes
Require an account to reset their password before logging in, for any reason.
Account Archival
Delete personal information from archived accounts.
Account Locking
Prevents an account from logging in without permanently archiving it.
Revokable Sessions
Don't just delete session cookies, revoke them permanently.
Session Timeouts
Sessions may expire after inactivity.
Expiring Sessions
Sessions may expire after a hard cut-off.
Password Complexity Validations
One simple setting — 0 to 5 — controls how complex passwords must be. Based on real-world attack patterns.

Compare

AuthN
Library
SaaS
Standalone Service

Remove complexity and responsibility from your application.

Password Vault

Isolate sensitive data with a split database architecture.

Open Source

Free and transparent. No security through obscurity.

Independent

Platform agnostic with no vendor lock-in.

Getting Started

1. Run the AuthN service

Run it locally with Docker:


docker run -it --rm \
  --publish 8080:3000 \
  -e AUTHN_URL=localhost:8080 \
  -e APP_DOMAINS=localhost \
  -e DATABASE_URL=sqlite3://:memory:?mode=memory\&cache=shared \
  -e SECRET_KEY_BASE='my-authn-test-secret' \
  -e HTTP_AUTH_USERNAME=hello \
  -e HTTP_AUTH_PASSWORD=world \
  --name authn_app \
  keratin/authn-server:latest \
  sh -c "./authn migrate && ./authn server"
                

You can now verify it's running by opening http://localhost:8080/health in your browser.

2. Add backend & frontend clients

AuthN integrates with both your backend and your frontend.

Ruby Go
JavaScript