Usernames & Passwords Classic signup, login, and logout. Secure, hardened, and isolated.

OAuth Logins Integrate with login providers such as Facebook, Google, and GitHub.

Passwordless Logins Log your users in with a simple emailed link.

Business Metrics Track your active accounts by day, week, and month. See your application's usage and adoption rates!

Sessions for Apps and APIs Session tokens may be sent with cookies or headers.

Single Sign-On Sessions may transfer across authorized domains.

Password Reset Tokens Securely generate, validate, and expire password reset tokens.

Forced Password Changes Require an account to reset their password before logging in, for any reason.

Account Archival Delete personal information from archived accounts.

Account Locking Prevents an account from logging in without permanently archiving it.

Revokable Sessions Don't just delete session cookies, revoke them permanently.

Session Timeouts Sessions may expire after inactivity.

Expiring Sessions Sessions may expire after a hard cut-off.