03 · Auth
Why is auth always a third vendor?
Sessions, social sign-in, and organization membership ship with the platform. No separate auth service to wire up, price out, and keep in sync.
What it does
What Auth does
The identity layer most apps rebuild every time, ready on day one.
Sessions that just work
Secure sessions and sign-in flows out of the box. No token plumbing to hand-roll.
Social sign-in
Let people sign in with the accounts they already have, without stitching in an external provider.
Organizations and membership
Multi-user orgs, invites, and roles built in, so B2B apps get teams for free.
One identity across the stack
The same identity guards your deploys, your data, and your preview feedback. One source of truth.
One platform
How Auth fits the one platform
Preview environments inherit auth automatically, so a reviewer signs in to a PR the same way they sign in to production.
Data access and storage buckets respect the same identity, so permissions are not a separate system to reconcile.
Agents act with scoped tokens over MCP, so an automated deploy is still bound by who is allowed to do what.
Stop bolting on an auth vendor.
Sessions, social sign-in, and orgs, included. Free to start, no credit card.