MicroAuth is a multi-tenant Identity Provider (IdP) and OAuth 2.0 / OpenID Connect server that handles user authentication, authorization, and token issuance for your applications. It’s built to streamline secure logins, role/permission management, and single sign-on (SSO) across different tenants (organizations) under one platform.

Key HighlightsCopied!

1. Multi-Tenant Architecture

   • Each “tenant” can represent a company, environment, or project.

   • Tenants isolate their users, clients, and configuration, perfect for a SaaS or any multi-org system.

2. OAuth 2.0 & OpenID Connect

   • Supports the Authorization Code flow (with PKCE recommended), plus client_credentials for machine-to-machine usage.

   • Implements OpenID Connect to provide ID tokens and a userinfo endpoint for user profile data.

3. Flexible Authentication

   • Integrate with your web apps, mobile apps, or server-to-server calls.

   • Store user credentials locally or extend to external identity providers.

4. Optional 2FA

   • Enhance security by enabling TOTP-based two-factor authentication on user accounts.

   • The flow can prompt for a 2FA step after password-based login.

5. Role & Permissions Management

   • Assign roles, define permissions, and embed them in tokens to restrict or grant resource access.

   • Handy for controlling user privileges in each tenant.

Why Use MicroAuth?Copied!

• Centralized Identity: One place to manage user logins, tokens, and multi-org complexity.

• Standards-Compliant: Follows OAuth 2.0 and OIDC best practices, ensuring secure token flows (PKCE, short-lived tokens, etc.).

• Seamless Integration: Connect your SPAs, backends, or microservices for a consistent login experience.

• Scalable: Designed to handle multiple tenants, large user bases, and advanced security needs (2FA, custom domains).