Add user authentication to your application with passwordless login, OAuth, SAML, directory sync, multi-factor authentication, and role-based access control.
User identity
Secure authentication APIs with passwordless login, password hashing with breach detection, OAuth, SAML SSO, directory sync, and MFA support. Focus on your product instead of security protocols.
Select a file to view its contents
Capabilities
Secure password hashing with breach detection, email verification, and password reset flows.
Magic links and PIN codes delivered via email for sign-in without passwords.
SMS verification for sign-up and login with automatic carrier routing by country.
Connect 30+ OAuth providers including Google, GitHub, Microsoft, Apple, and Slack.
SAML 2.0 and OIDC authentication with Okta, Azure AD, and other identity providers.
SCIM 2.0 user provisioning with JIT enrollment and group reconciliation from enterprise IdPs.
Multi-tenant support with organization groups, invitations, and membership hierarchies.
SMS, email, or authenticator app-based MFA with configurable enforcement policies.
SCIM 2.0 user provisioning with JIT enrollment and group reconciliation from enterprise IdPs.
Multi-tenant support with organization groups, invitations, and membership hierarchies.
SMS, email, or authenticator app-based MFA with configurable enforcement policies.
JWT access tokens, refresh tokens, and PKCE support with device-based session tracking.
Custom roles with fine-grained permissions and hierarchical access inheritance.
Track login attempts, password changes, and security events for compliance and debugging.
Detect bots, brute force attacks, impossible travel, and suspicious logins with Auth Guard.
AES encryption for sensitive data at rest
JWT validation and session checks
Information Security Management System
Why it matters
Add user registration to your app in under an hour. Call the signup endpoint with email and password. Passwords are hashed securely, verification emails sent automatically, and tokens generated for you.
Enable Google sign-in by calling one endpoint with your OAuth credentials. Users click the Google button, authenticate, and land back in your app with a valid session.
Close enterprise deals faster by offering SSO. Configure a SAML connection in the dashboard, and users can log in with their corporate credentials immediately.
Flip the MFA toggle in your dashboard settings. Admin users now receive a six-digit code via SMS on login. TOTP codes, backup codes, and recovery flows work without writing verification logic.
Built for Your Workflow
Generate OAuth authorization URLs with state validation and PKCE handled automatically. The callback endpoint exchanges authorization codes for tokens and creates user sessions in one step.
Add Google, GitHub, or Microsoft sign-in in minutes without debugging redirect flows.
Create sessions that return JWT access tokens and refresh tokens with configurable expiration. Token validation, refresh rotation, and session invalidation work through a single API.
Deploy authentication without writing JWT signing, verification, or refresh middleware.
Enable SMS, email, or TOTP-based multi-factor authentication with one API call. QR codes for authenticator apps, backup codes for account recovery, and challenge flows generate automatically.
Add multi-factor auth in an afternoon instead of building verification and recovery systems.
Define roles with specific permissions and assign them to users. Roles support inheritance, so an admin role includes all editor permissions automatically. Check user permissions with a single method call.
Enforce access controls across your application without building authorization middleware.
Features
Each feature is designed to handle complex authentication scenarios without building infrastructure.
Create, update, and manage user accounts with profile data and metadata.
Generate and manage API tokens for service-to-service authentication with scoped permissions.
Multi-tenant user groups with membership and team management.
Role-based access control with permissions and policy enforcement.
Multi-factor authentication with TOTP, SMS, and email verification.
SAML and OIDC single sign-on for enterprise identity providers.
Detect bots, brute force attacks, impossible travel, and 9 other threat signals on auth flows.
FAQ
Start building with Conjoin today. Free tier includes everything you need to prototype and launch. Scale when you're ready.