Features

• Authentication Flows — OAuth2 authorization code flow, PKCE, client credentials, device authorization
• SPA Authentication — Patterns for securing single-page applications
• Multi-Factor Authentication — TOTP, email, and SMS second factors
• Hooks — Customize the authentication lifecycle with code hooks, webhooks, and form hooks
• Account Linking — Consolidate multiple identities into a single user profile
• Impersonation — Allow admins to sign in as another user
• Session Management — Login sessions, user sessions, and session configuration
• RBAC & Scopes — Detailed guide for implementing role-based access control
• Forms & Flows — Custom forms and server-driven authentication flows
• Multi-Tenant SaaS — Complete guide for setting up multi-tenant authentication
• User Creation Flow — How user registration and creation works