Self-hosted identity engine

Identity infrastructure you actually own

AuthForge is the enterprise identity and access engine that runs entirely on your infrastructure. Argon2id hashing, Ed25519-signed sessions, zero data egress, and sub-millisecond verification at the edge. Replace Auth0 and Clerk — without the per-user tax or the black box.

Your users never touch our servers — because there are none.
  • <1ms edge token validation
  • 0 bytes of data egress
  • Users, orgs & tenants
  • 100% self-hosted & auditable
Get started

Configure AuthForge for any website

No per-user fees. No black box. Three paths — pick the one that fits you.

Website owner

Open the setup wizard, type your domain, copy the settings to Ratel or your host, then follow the What's next checklist to go live.

Setup wizard

Deploy on Ratel

Push to GitHub, connect Ratel, attach a domain. Login UI, API, and docs ship on one port — live demo at /login.html.

Open Ratel

Developer

Embed sdk/authforge.js, verify JWTs locally via JWKS, or call the REST and gRPC APIs directly.

SDK reference

The platform

Built for teams that can't outsource trust

Four architectural decisions that separate AuthForge from hosted identity providers.

Zero-latency edge verification

A lightweight WebAssembly sidecar synchronizes with the core over an open WebSocket and evaluates session tokens locally — in under a millisecond, with no outbound roundtrip. Authorization decisions happen where your code runs.

Infrastructure-first pricing

No tiers metered on monthly active users or organizations. The entire platform is one optimized binary or Docker container on your own bare metal or VPS. Scale to millions of identities for the cost of the box they run on.

Deep multi-tenancy, natively

Nested B2B hierarchies — User to Organization to Department to Team — modeled at the database core, not bolted on. Granular RBAC roles and permission scopes travel inside every signed session.

Headless developer experience

State machines, auth bindings, and local evaluation exposed as primitives. Drop in unstyled, copy-pasteable Tailwind templates — no rigid iframes, no vendor chrome, full control of your UI.

Security model

Defense in depth, every layer audited

Modern cryptography by default. No legacy ciphers, no shortcuts, no black boxes — every primitive is open and inspectable.

Argon2id password hashing

Memory-hard hashing tuned to the OWASP profile, with an optional server-held pepper for keyed hashing. With the pepper set, a database leak alone is not enough to brute-force the hashes.

Ed25519 signed sessions

EdDSA-signed JWTs carry jti, nbf, issuer and audience. Keys rotate cleanly; every published key stays in the JWKS until its tokens expire.
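
The checks a verifier runs on such a token, as an added example (not AuthForge's SDK code) using only Node's built-in crypto module. The key ids, issuer URL, audience and claim values are constructed sample data, and the 30-second clock skew is an assumption.

```javascript
// Added example: local EdDSA JWT verification against a JWKS (Node.js built-in crypto).
const crypto = require('node:crypto');
const b64u = (buf) => Buffer.from(buf).toString('base64url');
const fromB64u = (s) => Buffer.from(s, 'base64url');

// Verify a compact JWT against a JWKS document. Returns { ok, reason?, claims? }.
function verifySessionJwt(token, jwks, { issuer, audience, now = Math.floor(Date.now() / 1000), skew = 30 }) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return { ok: false, reason: 'malformed' };
  let header, claims;
  try {
    header = JSON.parse(fromB64u(parts[0]).toString());
    claims = JSON.parse(fromB64u(parts[1]).toString());
  } catch { return { ok: false, reason: 'malformed' }; }
  if (!header || !claims) return { ok: false, reason: 'malformed' };
  // Pin the algorithm: the token must never get to choose "none" or an HMAC alg.
  if (header.alg !== 'EdDSA') return { ok: false, reason: 'bad alg' };
  // Select the key by kid; a rotated-out key still verifies while it remains published.
  const jwk = typeof header.kid === 'string' &&
    jwks.keys.find((k) => k.kid === header.kid && k.kty === 'OKP' && k.crv === 'Ed25519');
  if (!jwk) return { ok: false, reason: 'unknown kid' };
  const key = crypto.createPublicKey({ key: jwk, format: 'jwk' });
  const signed = Buffer.from(`${parts[0]}.${parts[1]}`);
  if (!crypto.verify(null, signed, key, fromB64u(parts[2]))) return { ok: false, reason: 'bad signature' };
  // Claims are trusted only after the signature has been checked.
  if (claims.iss !== issuer) return { ok: false, reason: 'bad iss' };
  const aud = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
  if (!aud.includes(audience)) return { ok: false, reason: 'bad aud' };
  if (typeof claims.exp !== 'number' || now >= claims.exp + skew) return { ok: false, reason: 'expired' };
  if (typeof claims.nbf === 'number' && now + skew < claims.nbf) return { ok: false, reason: 'not yet valid' };
  return { ok: true, claims };
}

// Constructed sample data: locally generated keys stand in for a rotated JWKS.
function makeKey(kid) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  return { kid, privateKey, jwk: { ...publicKey.export({ format: 'jwk' }), kid, use: 'sig', alg: 'EdDSA' } };
}
function signJwt(key, claims, alg = 'EdDSA') {
  const head = b64u(JSON.stringify({ alg, typ: 'JWT', kid: key.kid }));
  const body = b64u(JSON.stringify(claims));
  return `${head}.${body}.${b64u(crypto.sign(null, Buffer.from(`${head}.${body}`), key.privateKey))}`;
}

// The token is signed by the older key, which is still listed in the JWKS.
const oldKey = makeKey('key-old'), newKey = makeKey('key-new');
const JWKS = { keys: [newKey.jwk, oldKey.jwk] };
const CLAIMS = { iss: 'https://auth.example.test', aud: 'api', jti: 'c0ffee', nbf: 1700000000, exp: 1700003600 };
const demoToken = signJwt(oldKey, CLAIMS);
console.log(verifySessionJwt(demoToken, JWKS, { issuer: CLAIMS.iss, audience: 'api', now: 1700000100 }));
```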

Zero data egress

Identities, credentials and sessions never leave your perimeter. There is no vendor cloud in the path — data sovereignty is the default, not an add-on.

Constant-time & zeroized

Refresh tokens are 256-bit CSPRNG secrets, stored only as digests and compared in constant time. Pepper and private-key bytes are wiped from memory on drop.
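
One way to store and check refresh tokens as described, as an added example that is not AuthForge's own code. The `<id>.<secret>` token layout, the SHA-256 digest and the in-memory `store` are assumptions made for illustration.

```javascript
// Added example: refresh tokens stored as digests and compared in constant time.
const crypto = require('node:crypto');

// Hypothetical in-memory store standing in for a sessions table: id -> { digest, userId }.
const store = new Map();

// A fast hash is enough here: the secret carries 256 bits of entropy, so there is
// nothing to guess (unlike passwords, which need a memory-hard hash).
const digestOf = (secret) => crypto.createHash('sha256').update(secret).digest();

// Issue a token of the form "<id>.<secret>"; only the digest of the secret is kept.
function issueRefreshToken(userId) {
  const id = crypto.randomBytes(16).toString('base64url');
  const secret = crypto.randomBytes(32); // 256-bit CSPRNG secret
  store.set(id, { digest: digestOf(secret), userId });
  return `${id}.${secret.toString('base64url')}`;
}

// Look the record up by its non-secret id, then compare digests in constant time.
function redeemRefreshToken(token) {
  const [id, secretB64, extra] = String(token).split('.');
  if (!id || !secretB64 || extra !== undefined) return null;
  const record = store.get(id);
  const presented = digestOf(Buffer.from(secretB64, 'base64url'));
  // An unknown id is compared against a zero digest so both paths do the same work.
  const expected = record ? record.digest : Buffer.alloc(32);
  const match = crypto.timingSafeEqual(presented, expected);
  return record && match ? record.userId : null;
}
```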

Brute-force resistance

Per-identity lockout gates the login path before the expensive hash runs, and identical responses for unknown users and bad passwords defeat enumeration.
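
The ordering described above, as an added example rather than AuthForge's implementation: the lockout check runs before any hashing, and every failure returns the same response. scrypt stands in for Argon2id so the block needs only Node's standard library; the thresholds, the dummy-hash step for unknown users and the sample account are assumptions.

```javascript
// Added example: lockout gate before the password hash, one response for every failure.
const crypto = require('node:crypto');

const MAX_FAILURES = 5;             // assumed policy values, not AuthForge's defaults
const LOCKOUT_MS = 15 * 60 * 1000;
const GENERIC = { ok: false, error: 'invalid_credentials' };

// scrypt is a stand-in for Argon2id in this example.
const kdf = (password, salt) => crypto.scryptSync(password, salt, 32);
function makeUser(password) {
  const salt = crypto.randomBytes(16);
  return { salt, hash: kdf(password, salt) };
}

const users = new Map([['alice@example.test', makeUser('correct horse')]]); // constructed sample
const failures = new Map();   // identifier -> { count, lockedUntil }
const DUMMY = makeUser(crypto.randomBytes(16).toString('hex')); // hashed against for unknown users
let hashCalls = 0;            // instrumentation for this example only

function login(identifier, password, now = Date.now()) {
  // Failures are tracked per submitted identifier, whether or not the account exists,
  // so lockout behaviour does not reveal which identifiers are registered.
  const f = failures.get(identifier) || { count: 0, lockedUntil: 0 };
  if (now < f.lockedUntil) return GENERIC;       // gate: no expensive hash while locked
  const user = users.get(identifier) || DUMMY;   // an unknown user costs the same as a known one
  hashCalls += 1;
  const ok = crypto.timingSafeEqual(kdf(password, user.salt), user.hash) && users.has(identifier);
  if (ok) { failures.delete(identifier); return { ok: true }; }
  f.count += 1;
  if (f.count >= MAX_FAILURES) { f.lockedUntil = now + LOCKOUT_MS; f.count = 0; }
  failures.set(identifier, f);
  return GENERIC;
}
```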

Open & auditable

A compact Rust core you can read line by line, hardened by an in-CI supply-chain gate (cargo-deny) for advisories, licenses, and dependency provenance.

Architecture

One Rust engine today, a hybrid core on the roadmap

Production deployments run a single optimized binary: REST + gRPC, PostgreSQL, and static login UI. Edge WASM and an Elixir mesh are planned — not required for sub-millisecond JWKS verification today.

Edge

Client SDK — live

Vanilla JS SDK plus copy-paste login templates. Verify session JWTs locally against /api/v1/jwks.json in under a millisecond.

HTTPS / TLS 1.3

Mesh

Real-time layer — roadmap

Elixir/Phoenix Channels for session fan-out and outbound webhooks. REST and gRPC cover current needs.

gRPC (Unix socket in production)

Core

Cryptographic core — live

Argon2id password hashing, Ed25519 session signing, multi-tenant RBAC on Axum + Tonic.

SQL migrations

Store

PostgreSQL — live

Users, organizations, sessions, audit events, and signing keys. In-memory demo mode for local quickstart.

Pricing

Infrastructure-first, never per-user

Self-host the core for free, forever. Upgrade to Pro when you need SSO, audit logs, and priority support — never a tax on your growth.

Community

$0 USD / month

Self-host, forever free

Get started free
  • Self-hosted core engine
  • Unlimited users & organizations
  • Argon2id + Ed25519 cryptography
  • gRPC + JWKS APIs
  • Signup OAuth (Google / GitHub)
  • Community support

Enterprise

$500 USD / month or $415 USD / month

$4,980 billed annually

Maximum assurance

Upgrade to Enterprise

Everything in Pro, plus:

  • Dedicated solutions architect
  • Signed DPA & priority SLA
  • Air-gapped on-prem option
  • SOC 2 / HIPAA support
  • Security review & pen-test support

Need air-gapped deployment, a signed DPA, or a custom SLA? Upgrade in your dashboard or read the plan guide — no calls required.

The Community tier includes the full engine with unlimited users. Pro adds support, SSO-at-login, audit logs, and entitlements — never per-user fees. Features marked roadmap ship to Pro subscribers first. See what's live today.

Developer experience

Production-grade in three commands

Pull the container, mount a key volume, and you have a signing authority publishing a standard JWKS. Verify anywhere with off-the-shelf libraries — AuthForge speaks open standards, not a proprietary protocol.

  • Standards-compliant JWKS at /api/v1/jwks.json
  • Distroless image — no shell, runs as non-root
  • Graceful shutdown, health and readiness probes
  • Vanilla JS SDK — build any UI you want
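
deploy.sh

# Run the self-hosted identity core.
# The pepper is generated inline here for a first run; store the value and pass the
# same one on every later start, because hashes keyed with one pepper do not verify under another.
docker run -p 8080:8080 -p 50051:50051 \
  -v authforge-keys:/app/keys \
  -e AUTHFORGE_PASSWORD_PEPPER="$(openssl rand -base64 32)" \
  authforge:latest

# Edges fetch the public signing keys — no secrets leave the box
curl https://auth.authforge.dev/api/v1/jwks.json
› { "keys": [{ "kty": "OKP", "crv": "Ed25519", ... }] }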
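
app.tsx

import { AuthForgeProvider, useAuth } from '@authforge/react';
// Dashboard is the application's own component; this import path is a placeholder.
import { Dashboard } from './Dashboard';

// Wrap the application once so components below the provider share one authority.
export function App() {
  return (
    <AuthForgeProvider authority="https://auth.authforge.dev">
      <Dashboard />
    </AuthForgeProvider>
  );
}

The honest comparison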

Own your stack, end the Auth Tax

Hosted identity is convenient until the invoice scales with your success and your users' data lives somewhere you don't control.

Capability | AuthForge | Auth0 | Clerk
Pricing model | Flat infrastructure cost | Per monthly active user | Per monthly active user
Data residency | Your servers, always | Vendor cloud | Vendor cloud
Token validation | <1ms, local at the edge | Network roundtrip | Network roundtrip
Source available & auditable | Yes | No | No
Self-hosted, single binary | Yes | No | No
Nested B2B multi-tenancy | Native | Limited | Add-on
Vendor lock-in | None — open standards | High | High

Compliance & governance

Architected to meet your obligations

Self-hosting collapses your compliance scope: when identity data never leaves your environment, you control residency, retention, and access end-to-end. AuthForge is built to support the controls these frameworks require.

SOC 2 ready

Confidentiality & integrity controls

HIPAA aligned

PHI stays inside your boundary

GDPR sovereignty

Residency & erasure on your terms

ISO 27001 mapped

Cryptography & access controls

Own your identity stack.

Deploy AuthForge on your own infrastructure today. No per-user pricing. No data leaving your perimeter. No black box.