SaaS authentication

Identity infrastructure for B2B SaaS.

Authentication, multi-tenant organizations, and authorization — built for products where 'enterprise plan' is on the roadmap from day one.

What you get

Everything B2B SaaS auth actually needs.

Organizations as primitives
Members, roles, customer-managed SSO — all on the same model.
Customer-managed SSO
SAML and OIDC per tenant. Self-serve setup, test mode included.
RBAC and authorization
Roles, scopes, ReBAC, and per-tenant policy in one engine.
Audit and compliance
Immutable logs, exportable to your SIEM. SOC 2 evidence-ready.
Multi-region reliability
Active-active across regions. Sub-50ms decision latency.
Developer experience
Same primitives across TypeScript, Go, Python, .NET, Rust.
Who it's for

B2B SaaS teams shipping product, not auth.

Early-stage B2B SaaS
From your first paying customer to your first enterprise pilot, without rewriting auth in between.
Multi-workspace products
Users belong to multiple organizations. Switching workspaces switches roles, tokens, and policy.
Enterprise software
SAML, SCIM, audit, step-up, and custom domains — every checkbox the procurement form asks for.
AI SaaS and agent platforms
Agent identities, scoped tokens, per-action audit.

Build your auth on a B2B SaaS foundation.

Get early access. Pricing is MAU-based. Security is included on every tier.