Authentication infrastructure for modern apps
One backend for every app. Magic links, OAuth, passkeys, organizations — ship auth in minutes, not months.
Works with any framework
Features
Everything you need to ship auth
From magic links to organizations, one API covers every authentication pattern your apps need.
Multi-App Isolation
Each app gets completely separate users, tokens, and OAuth credentials. Same email, different apps — by design.
Magic Links
Passwordless authentication via email. One-time tokens, no passwords to manage or breach.
OAuth Providers
Google, GitHub, and Apple OAuth with PKCE. Per-app credentials, no global fallback.
Organizations & Teams
Built-in org structure with roles, invitations, and team management scoped per-app.
Admin Dashboard
Manage users, view audit logs, configure OAuth credentials, and monitor stats per-app.
Security First
RS256 JWT, bcrypt hashing, rate limiting, token encryption, account lockout, and audit trails.
Developer Experience
Add auth in five lines of code
Install the SDK, verify tokens, and protect your routes. The SDK handles JWT validation, key rotation, and audience verification automatically.
- Auto-fetches JWKS keys with smart caching
- Validates audience claims per-app automatically
- Type-safe token payloads with full IntelliSense
- Works with any Python framework — FastAPI, Django, Flask
How It Works
Up and running in three steps
From signup to production in minutes. No infrastructure to manage, no auth logic to write.
Register Your App
Create your app on 1Auth, configure OAuth providers and redirect URLs from the dashboard.
Integrate the SDK
Install the Python SDK, add your app_id, and verify tokens with a single function call.
Ship It
Your users can now sign in with magic links, OAuth, or email+password. You focus on your product.
Security
Built secure by default
Defense in depth — every layer hardens your authentication stack.
RS256 JWT
Asymmetric signing with auto-rotating keypairs
PKCE OAuth
Proof Key for Code Exchange on all OAuth flows
Token Encryption
Fernet encryption for OAuth tokens at rest
Rate Limiting
Endpoint-level rate limits prevent brute force
Account Lockout
Auto-lock after 5 failed attempts, 15-min cooldown
Audit Logging
Every auth event logged with 90-day retention
No Tokens in URLs
Exchange code pattern prevents token leakage
Refresh Rotation
Single-use tokens with family-based revocation
Ready to stop building auth?
Get started for free. No credit card required. Your first app is live in under five minutes.
Free tier includes 10,000 monthly active users