๐Ÿš€ Kynetra Auth v2.0 is live โ€” 10x faster token verification at the edge ย ยทย See what's new โ†’
Everything you need to ship auth

Enterprise-grade auth,
developer-friendly API

Every feature you'd have to build, maintain, and scale โ€” already done, hardened, and ready for production.

Email & Password Authentication

All Plans

Production-hardened credential auth with Argon2id password hashing, breach detection, and adaptive lockout.

  • Argon2id hashing โ€” OWASP recommended, GPU-resistant
  • Hibp breach check on registration and login
  • Adaptive lockout with exponential backoff
  • Password strength scoring (zxcvbn)
  • Forced rotation on compromise detection
// One-line integration
const { user, token } = await kynetra.auth.signIn({
  email: 'user@acme.com',
  password: 'hunter2'
});

Social & OAuth Login

All Plans

Drop-in OAuth 2.0 for every major provider. PKCE enforced, tokens normalized into a unified user object.

  • Google, Apple, Microsoft, GitHub, Facebook, LinkedIn
  • PKCE enforced on all flows (no implicit grant)
  • Automatic account linking by verified email
  • Custom OAuth 2.0 / OIDC providers on Pro+
  • Normalized user profile across all providers

Passwordless & Magic Links

All Plans

Send a secure one-time link that logs the user in without a password. Works over email or SMS.

  • Cryptographically signed links (HMAC-SHA256)
  • 15-minute expiry, single-use enforcement
  • Domain-bound โ€” links can't be reused on different origins
  • Customizable email templates
  • Rate-limited per address

Passkeys / WebAuthn

Starter+

FIDO2 passkey support for biometric and hardware key authentication. Zero-phishing, no OTP friction.

  • Full FIDO2 / WebAuthn Level 2 compliance
  • Platform authenticators: Face ID, Touch ID, Windows Hello
  • Cross-platform: YubiKey, FIDO2 security keys
  • Credential backup detection (cloud sync)
  • Sign-count clone-attack detection
// Passkey registration โ€” browser-side
const options = await kynetra.passkeys.startRegistration();
const credential = await navigator.credentials.create(options);
await kynetra.passkeys.completeRegistration(credential);

SSO / SAML 2.0

Pro+

Enterprise single sign-on with full SP-initiated and IdP-initiated flows. Connect to Okta, Azure AD, Google Workspace, and any SAML IdP in minutes.

  • SP-initiated and IdP-initiated SSO
  • Attribute mapping with custom claim transforms
  • Signed and encrypted assertions
  • Certificate rotation without downtime
  • Per-domain connection routing
See how Kynetra compares to Auth0, Clerk & OktaStart Free
10B+
Token verifications / month
0.8ms
P99 verification latency
99.99%
Uptime last 12 months
300+
Edge PoPs worldwide