Production-grade authentication on Cloudflare Workers + D1. 116 features, 90 beyond Clerk. Sub-ms JWT verification at 300+ PoPs.
The Worker is live at kynetra-auth-api.spadensilver-c88.workers.dev. Every endpoint below works at this exact URL — no signup needed for the public ones.
curl -X POST https://kynetra-auth-api.spadensilver-c88.workers.dev/api/auth/signup \
-H "Content-Type: application/json" \
-d '{
"tenantId": "00000000-0000-0000-0000-000000000001",
"email": "you@example.com",
"password": "correct-horse-battery-staple"
}'Six categories of things Clerk simply doesn't have.
Actual HMAC-SHA1 time-based codes, not a regex stub.
Real cryptographic attestation via @simplewebauthn/server.
QEKE, MPC sign-in, duress detection, auth time-travel, and more.
Sub-ms JWT verification on Cloudflare Workers. No origin round-trip.
Anthropic, OpenAI, Google, Mistral, Cohere, or local Ollama.
90 beyond what Clerk offers — managed from a single admin console.
Toggle any of them from a single admin console.
Frontend, backend, database, AI, queues, cron — all bound to one Worker.
Backend runs at the edge. No Node, no servers, no cold starts.
16 tables, ~140KB schema, queries from the closest edge to the user.
Six Cloudflare bindings in production. Cron triggers active.
Frontend served from the same edge. nodejs_compat enabled.
Works like Clerk — your tenants drop in a script tag or hosted redirect and their users get Google / Facebook / GitHub / Apple login instantly. No auth infrastructure for them to build.
Publish a pk_live_ key from the dashboard. Pick your integration path. Tokens return to your callback URL via a URL fragment — no server handling required.
Hosted redirectZero code — link to auth.kynetra.dev/sign-in?pk=…kynetra.jsScript-tag drop-in · live at auth.kynetra.dev/sdk/kynetra.js@kynetra/reactKynetraProvider · useUser() · SignIn componentIntrospection APIServer-side verify — POST /api/auth/introspect with sk_live_…<!-- Option A: redirect users to Kynetra's hosted sign-in -->
<a href="https://auth.kynetra.dev/sign-in
?pk=pk_live_YOUR_KEY
&redirect_url=https://yoursite.com/callback">
Sign in with Google
</a>
<!-- Callback page: tokens arrive in the URL fragment -->
<script>
const p = new URLSearchParams(location.hash.slice(1));
localStorage.setItem('token', p.get('access_token'));
window.location.href = '/dashboard';
</script>Vanilla JS SDK live now. React SDK source-available. Direct REST API for any stack.
<!-- kynetra.js: no npm, no bundler, pure ES2017 -->
<script src="https://auth.kynetra.dev/sdk/kynetra.js"></script>
<script>
const k = Kynetra({ publishableKey: 'pk_live_xxx' });
// Sign in — fetches your enabled providers from /public/config
// and renders branded buttons
k.mount('#sign-in', { redirectUrl: window.location.origin + '/cb' });
// Session helpers
k.isSignedIn(); // → true / false
k.getUser(); // → { sub, email, name, picture }
k.getToken(); // → raw JWT string
k.signOut(); // clears localStorage
</script>Two SDKs ship today. More coming as tenants onboard.
kynetra.jsVanilla JS · live at auth.kynetra.dev/sdk/kynetra.js · no npmLive@kynetra/reactReact provider + hooks · source-available · npm publish pendingSource@kynetra/nextjsApp Router middleware + server helpersSoon@kynetra/nodeServer-side token verification + admin APISoonKynetra Auth is currently available exclusively to qualified enterprise partners. Reach out and tell us your use case — we typically respond within one business day.