Get Started
Authentication and authorization for B2B SaaS. Multi-tenant by default. Sub-millisecond permission checks. Every common auth method, out of the box.
curl https://your-app.authaz.io/api/v1/users \
-H "X-API-Key: mgmt_01h..."A typed, paginated user list scoped to your application. That's hello-world.
First-time setup: Set up your app (60 seconds — keys + redirect URI).
| React → | SPA with @authaz/react. |
| Hono → | Backend with @authaz/hono. Node, Bun, Workers, Deno. |
| .NET → | Management API with Authaz.Sdk. |
Want a complete worked example end-to-end? See Recipes & Cookbook — single-tenant and multi-tenant walkthroughs for every stack.
Multi-tenant out of the box. Customers each get their own users, roles, and config. Pick shared-pool, isolated-pool, or single-tenant — same API.
Fine-grained authorization. Define resources, compose policies, assign roles. Or grant directly per-resource. Either way, checks return in under a millisecond.
Authaz Sign-In, hosted. Login, signup, MFA, social sign-in, passkeys, password reset — themed to your brand, on your own domain. You don't run any of it.
Standards, not lock-in. OAuth 2.0 + PKCE. OIDC userinfo. JWKS for tokens. Any OAuth-aware client works.
your app ─┐ ┌─ Authaz API
│ redirect to Authaz Sign-In │ /api/v1/...
▼ ▲
Authaz Sign-In (Password · OAuth · │
Magic Link · Passkey · SAML · MFA) │
▼ │
user authenticates ──────► auth code ───┘
▼
/oauth2/token ──► access + ID + refresh
POST /api/v1/authorization/check answers "can this user do this?" in <1 ms — same backend, same identity, same tenant.
Setup follows the dashboard's tabs, in order:
| Authentication | Settings (redirect URIs, lifetimes) → Signup → Password · MFA · Magic Link · OAuth · Passkey · SAML SSO · M2M · API Keys |
| Authorization | Resources → Policies → Roles → Access Explorer |
| Tenancy | Multi-tenancy · Tenancy Customization |
| Brand & Host | Branding · Custom Domains · Communications |
| Operate | Users · Analytics · Audit Logs · Application Settings |
| Reference | Core Concepts · Tokens · API |
Organization — your company. Application — a product you ship. Tenant (optional) — your customers' workspaces. User — someone who signs in. Role — a named bundle of permissions. Provider — a way to sign in.
That's the whole vocabulary. Full mental model in Core Concepts.