Implement your own authentication solution on the BearAuth API.
BearAuth is a RESTful API that you invoke from your own backend service.
- Sign up for free at the BearAuth Portal.
- Get an API key.
- Deploy your auth solution in one of the following ways:
- Add an
/authendpoint to your own API using a high-level SDK. - Setup a standalone service in AWS or Azure from a pre-made template.
- Choose complete freedom and call the API any way you like.
- Add an
A RESTful API:
- Identity
- Access (roles, groups, and permissions)
- Passwords (hashing, verification, recovery, strength enforcement, and breach detection)
- Time-based one-time passwords (generation and verification)
- Public key cryptography (key generation, signing, and verification)
- Mock server (testing)
(Coming Soon) API SDKs for the following environments:
- Node.js
- Go
- Ruby
- Python
- Java
- C#
- PHP
(Coming Soon) High-level SDKs for the following authentication flows:
- Basic Auth
- Bearer tokens (JWT)
(Coming Soon) Templates for standalone deployment to the following cloud providers:
- AWS
- Azure
Consultation is also available if you want a custom solution hand crafted for your needs.
With BearAuth, you own your own authentication solution, all for about the same effort and initial cost required to integrate with other SaaS solutions. Owning your own authentication solution provides better security, more control, and lower ongoing cost.
BearAuth uses zero-access encryption to protect your secrets. This means that even if BearAuth is compromised, your secrets are still safe.
Zero-access encryption works by encrypting your secrets with your API keys, which BearAuth never stores. Even BearAuth can't decrypt your secrets unless you make a request with an API key.
Other solutions not only don't use zero-access encryption, but they technically can't do so. They have features like login pages that are end-user facing, so they have to be able to decrypt and use your secrets independently. This makes your secrets vulnerable to breaches and misuse.
BearAuth is focused on security, because it's all we do.
The user experience is yours. Your website, your components, your design. No redirecting to a 3rd party login page with pay-to-remove 3rd party branding. No page refreshes to re-authenticate. No fiddling with custom domains pointing to a 3rd party. You just need a single /auth (or equivalent) endpoint in your own API, and we will even provide the implementation.
The API is simple and can be self hosted. If you ever feel like you want to move away from BearAuth, you can replace the API with your own implementation, and you won't have to change your user experience at all. The vendor lock-in is that low.
BearAuth is minimal. The simple and low ongoing cost we pass on to you reflects our focus. We don't need to try to amortize the cost of implementing, maintaining, and supporting a large feature set. Anything we don't do, is a middle markup you avoid.
As you implement your own authentication solution, we can provide consultation engagements for a one-time fee, all the way up to building the whole solution for you on your own infrastructure. Once you have your solution with the features you need, you won't need to pay for more than the ongoing cost of using the API.
We can also help you self-host the BearAuth API itself for an annual subscription fee. This can reduce your costs even further, while providing even more security and control.