KolayLogin
Developer-first auth platform

Ship auth in hours.
Scale to millions.

Secure sessions, OAuth, magic links, passkeys, MFA — plus a console that feels like a product. Open-source core. Self-host or cloud.

No credit cardFree dev instanceSOC 2 ready
Primitives

Everything you need,
nothing you don't.

Secure by default
Argon2id, AES-256-GCM encrypted secrets, JWKS rotation, strict webhook signature verification.
Multi-tenant
Org → App → Instance. Every query scoped by environmentId. Hard isolation built in from day one.
Fast SDKs
Verify sessions server-side, read session in React, protect routes with Next.js middleware.
Passkeys & MFA
WebAuthn, TOTP, SMS fallback. Enforce at the instance level or per user.
Magic links
Signed, single-use, rate-limited. Custom domains and templates included.
Own your keys
JWKS you control. Rotate signing keys without downtime. Bring-your-own KMS.
Drop-in

Ten lines to production auth.

Wrap your tree, get typed session hooks, and ship. No boilerplate, no custom headers, no state machines to maintain.

View on GitHub
app/providers.tsx
import { KolayLogin } from '@kolaylogin/react';

export default function App({ children }) {
  return (
    <KolayLogin.Provider publishableKey={env.KL_PUB}>
      <KolayLogin.SignedIn>
        {children}
      </KolayLogin.SignedIn>
      <KolayLogin.SignedOut>
        <KolayLogin.SignIn />
      </KolayLogin.SignedOut>
    </KolayLogin.Provider>
  );
}
Ready when you are

Start shipping in
the next 10 minutes.

Free forever for dev instances.