Documentation
Auth infrastructure that stays out of your way.
KolayLogin is a complete auth platform. Prebuilt sign-in flows, a Stripe-backed billing pipeline, and typed SDKs for every major framework — shipped as a single Docker image you own.
Frontend SDKs
Drop-in auth UI + hooks for every popular framework. Start from a prebuilt<SignIn /> component or compose custom flows with the underlying primitives.
Server SDKs
Verify session JWTs and administer users/organizations from any server runtime.
Install in three steps
Drop your publishable key into NEXT_PUBLIC_KOLAYLOGIN_PUBLISHABLE_KEY, install the SDK for your stack, and wrap your UI with the provider. That's it.
npm install @kolaylogin/nextjs @kolaylogin/reactmiddleware.ts
import { kolayloginMiddleware, createRouteMatcher } from '@kolaylogin/nextjs';
const isProtected = createRouteMatcher(['/dashboard(.*)']);
export default kolayloginMiddleware({
// baseUrl defaults to https://api.kolaylogin.com
isProtectedRoute: isProtected,
});
export const config = { matcher: ['/((?!_next|.*\\..*).*)'] };app/sign-in/page.tsx
import { SignIn } from '@kolaylogin/react';
export default () => <SignIn redirectUrl="/dashboard" />;What's inside
- Email + password, magic link, SMS OTP, Google / GitHub OAuth, passkeys.
- Two-layer cookie session model:
__client(long-lived, rotating) +__session(short-lived JWT). - Per-app RSA keypair & public JWKS — verify anywhere.
- Organizations with invites, custom RBAC, and a per-plan member cap.
- Workspace SaaS billing + end-user subscriptions via Stripe Connect.
- MAU metering, month-end overage invoicing, dunning with grace period.
- Webhooks (HMAC-SHA256 signed) for every lifecycle event.
- Admin SDK (
sk_live_…) for server-to-server user / org management.