Auth as a Nav 1.1Service

Nav 1.1

Auth as a Service

You're starting a new app. Or maybe you already have an app. Either way, it needs logins. And signups. And maybe some other stuff.

That leaves you with a choice. Spend weeks doing it right or hustle through it and risk a half-baked result. Or you could use AuthRocket.

AuthRocket covers all the basics: Logins, Signups, Social Login, Password Security, and much more. AuthRocket frees you up to focus on your actual app and quickly check off the Authentication task as finished.


Logins Done Right

LoginRocket gives you ready-to-go logins. You can even customize the look and feel to match your app.

And if you want to host your own logins, we make that easy too.


Registration Forms Too

New user registration is just as easy as logins.

If your user doesn't have an account yet, send them to a matching, LoginRocket-hosted signup page.

Graphic enable signups

Social Auth

Users love social login because it's one less password to remember. That's great but it can be quite the headache to implement. Every social platform has their own tweaks to OAuth2, the APIs change, and the profile data is all formatted differently.

AuthRocket handles all of these complexities for you, unifying everything into one simple API and one consistent profile. Each social login provider takes just a few clicks to enable—and zero code.

Learn more about Social Auth

Connect Multiple Social User Profiles

We've solved the multiple-profile problem by connecting all of a user's social profiles together. Eliminate user confusion, duplicate profiles and the resulting support calls.

Graphic social cubes

Interact with One API, Not a Half-Dozen Different Ones

AuthRocket brings everything related to Authentication into a single, unified API, dramatically simplifying your code. New users, existing users, social profiles—everything is normalized before your app sees it.

Graphic one api 2

Email Verification

Not every app needs to verify user emails, but if you need it, you need it, right? With just a couple of clicks, you can enable automatic verification of emails.

Learn more about email verification

Custom Domains

By default, hosted logins and signups get a selectable subdomain on loginrocket.com. For a more unified branding experience for your users, add a custom domain like login.yourdomain.com.

Graphic custom domains 3

"I integrated AuthRocket today and it works really easily.   :)   Very impressed."

- LUC H.

ManagementNav 2.1UI

Nav 2.1

Management UI

AuthRocket's management portal covers all the basics and more. Find and manage users, add memberships and permissions, reset passwords, and everything else you'd expect to be able to do. It's all there, and you don't have to code any of it.


Filter and Sort

The management UI includes lots of niceties—the things you might want to add, but never seem to get around to. Filter and sort users by name, last login, or signup date.

Screenshot 2 filter

Real-time Search

Use real-time search to find users and orgs (groups) by name, email, IDs, and other data.

Tour ani 5

CSV Export

What happens when someone in marketing needs a list of users? Ever had to open a database connection and write a SQL query? We all know that's not how it's supposed to go.

With AuthRocket you won't even have to be involved. Your friendly marketer can login to AuthRocket directly and export their own CSV, all without interupting your workflow.

Screenshot 3 export

Automatic Emails

Every user action in AuthRocket has the option to trigger email messages—to the user or to you.

  • Want to be notified when a new user signs up? Check.

  • Want to send a welcome email to new users? Got it.

  • How about customizing the forgotten password email? Yep—every email can be fully customized (or turned off).

Learn more about automatic emails

Phone front

UI Connect

It's one thing for your app to talk with AuthRocket using the API, but what about connecting AuthRocket to your app's admin UI?

With UI Connect, simply configure template URLs for your app and we'll automatically build UI buttons linking back to your app.

Screenshot 5 ui connect

"Thank you for your awesome work. We love AuthRocket."

- JANOS K.

Sessions Nav 3.1and SSO

Nav 3.1

Sessions and SSO

Managing the session lifecycle has historically been a challenge. AuthRocket gives you complete visibility and control over the full lifecycle of every user session.


Managed Sessions

AuthRocket includes full session management, including tracking and enforcing logouts. View active sessions, associated IPs and clients, and even terminate any session at any time.

Learn more about sessions

Screenshot 8 sessions

Single Signon

Have multiple apps? Web + mobile perhaps? Microservices? Planning to? Worried that your boss will ask for single signon someday?

AuthRocket makes SSO completely painless. With AuthRocket, adding a second app, or a third takes only a few minutes. It's so easy your boss just might mistake you for a superhero.

Learn more about AuthRocket SSO

Tour 3.1 graphics

Seamless Logins Between Apps

Using one password to access multiple apps is already great, but what about a true seamless login experience? Jump between apps (or microservices) without having to login again.

The amazing part? It doesn't even take extra code. AuthRocket cleverly handles everything for you—each app just sees a normal login.

Tour 3.2 graphics

User Impersonation

Our API easily allows you to create login sessions for any user. Use it for impersonating a user, building complex authentication flows, or even bridging the gap between multiple authentication sources.

Learn more about creating login sessions

Enforced Logouts

When a user signs out, how do you enforce the end of their session? AuthRocket knows when a session has ended and can guarantee the user has logged out. If your app needs this, we've got you covered.

Universal Logouts

Single signoff is the companion to single signon. Ending a session in AuthRocket ends it everywhere for all of your apps.

"The geniuses over at AuthRocket have taken the time to pour over every technical detail of authentication negotiation and management. This level of expertise embedded in a turnkey solution is a rare gem indeed."

- TIMOTHY B.

User Organization Nav 4.1and Security

Nav 4.1

User Organization and Security

Just because AuthRocket is easy to use doesn't mean you have to sacrifice expected features. AuthRocket provides you with flexible ways to organize users into groups, manage memberships and permissions, and much more.


Groups

AuthRocket's data model is surprisingly flexible. One of the places this is most evident is with what we call Orgs, which are a way to organize or group users.

Orgs are useful for groups, accounts, companies, or just about any other conceivable grouping of users.

Learn more about orgs (groups)

Graphic groups 2

Authorization

Each membership for every user can contain permissions information. These work like tags for a blog. Use them for permissions, roles, or even other attributes of membership—basically anything that's meaningful to your app.

Learn more about memberships/permissions

Screenshot 6 authorization

Custom Attributes

Users, orgs, and other core record types all allow you to save custom attributes.

Custom attributes aren't an add-on and don't require extra API calls. They make your development easy by saving extra data where it belongs—right with everything else.

Screenshot 7 attributes

Sub-accounts (Environments)

AuthRocket gives you multiple sub-accounts for free (we call them Realms), so you have the option to isolate Production data from Staging. Or Development from QA. Or even App A from App B.

Graphic environments 2

Feature Complete API

Our API covers the entire service, not just core objects like users and memberships. Want to automate configuration of your account (or even provisioning of sub-accounts)? No problem.

Every API is available to all accounts and is fully documented.

Graphic feature complete

API Key Management

Does your app offer an API to your users? AuthRocket has built-in API key management which securely manages your API keys just like all your other authentication data.

API keys can have permissions and be assigned membership in orgs/groups. Rolling API keys (with overlap before the old one expires) is supported too.

Event-driven Architecture

Sometimes you want to know what's happenening with your user data. AuthRocket generates an event for nearly every action in the system (28 event types and growing). Login and signup events are tallied up and included on your app's dashboard.

All events are viewable in the UI, and can also be configured to trigger webhooks back to your apps, making it easy to stay aware of what your users are up to.

Learn more about events

Screenshot 9.2 events

Best-practices Security

The security of your user accounts is important. We've covered all the bases—probably a lot more than you'd have time to address yourself.

    Icon green check
  • Rate-limiting login attempts
  • Icon green check
  • Adjustable password complexity requirements
  • Icon green check
  • Encryption of sensitive data before storage in database
  • Icon green check
  • Slow-hashing of passwords
  • Icon green check
  • Audit history of login activity
  • Icon green check
  • Logs auto-filtered to exclude passwords
  • and much more.

Zero-touch Passwords

Improve security risk management by never seeing user passwords. In the world of credit cards, it's now a best practice for credit card numbers to go directly to a payment processor and to interact only with a secure token. We've brought the same concept to passwords.

With AuthRocket, it's possible for passwords to never go through your servers. Even if you host your own login and signup forms, use authrocket.js to convert passwords into a signup token which can safely be sent through your server.

Ready to punch authentication code in its face?