Skip to Content
Identity & Access Management

Auris Documentation

Authentication, authorization, and user management for modern applications. Hosted login, multi-factor auth, fine-grained permissions, enterprise SSO, SCIM provisioning, and SDKs for every stack.

Explore by topic

The documentation is organized into seven main sections. Each covers a different aspect of the Auris platform, from getting started to software licensing and the full API reference.

Get Started
What Auris is, how it works, the platform architecture, core concepts like tenants, applications, and users, and a comparison with Auth0, Clerk, and WorkOS.
Read more →
Authentication Guides
Hosted login pages with OAuth2 + PKCE, social login (Google, GitHub, Microsoft, Apple, and 5 more), magic links, SMS OTP, WebAuthn passkeys, M2M client credentials, and enterprise SSO.
Read more →
Authorization Guides
Role-based access control (RBAC) with hierarchical roles, custom JWT claims for token enrichment, and Zanzibar-style fine-grained authorization (FGA) with an OpenFGA-compatible DSL.
Read more →
User Management
Creating and managing users and roles, B2B multi-tenant organizations with member invitations, SCIM 2.0 automatic provisioning, and CSV/JSON bulk import and export.
Read more →
Admin Console
Manage applications, branding and hosted page customization, email templates, webhooks, user sessions, security settings (MFA, attack protection, IP rules), Actions engine, and audit log streaming.
Read more →
API Reference
Complete REST API documentation with endpoint descriptions, request and response schemas, authentication headers, pagination patterns, error codes, and example payloads.
Read more →
Software Licensing
Protect your software with license keys — online, hybrid, and offline validation, floating seats, device activation, feature gating, usage tracking, and payment automation via Stripe or PayPal.
Read more →

Guides by category

Detailed, step-by-step guides grouped by domain. Each guide includes code samples, configuration examples, and links to the relevant API endpoints.

Authentication

  • Hosted Login PagesOAuth2 Authorization Code + PKCE flow with tenant-branded pages.
  • Social LoginGoogle, GitHub, Microsoft, Apple, Facebook, Discord, LinkedIn, Twitter/X, Slack.
  • Magic LinksPasswordless email-based login with auto-signup for new users.
  • SMS OTPSMS one-time password via Twilio with rate limiting and cooldowns.
  • WebAuthn & PasskeysWebAuthn/FIDO2 hardware keys and biometric passkeys as primary or 2FA method.
  • M2M Client CredentialsOAuth2 client_credentials grant for server-to-server communication.
  • Single Sign-On (SSO)SAML 2.0 and OIDC identity provider federation via Keycloak brokering.

Authorization

Organizations

  • B2B Multi-TenantMulti-org with owner/admin/member/viewer roles and token-based invitations.
  • Enterprise SSOPer-organization SAML/OIDC connections with domain verification.

User Management

  • Managing UsersUser lifecycle: create, update, disable, delete, role assignment, and metadata.
  • SCIM ProvisioningSCIM 2.0 automatic provisioning from Okta, Azure AD, and any compliant IdP.
  • Import & ExportBulk import from CSV/JSON with progress tracking and error reporting.

Security

Licensing

  • Software LicensingLicense key validation, device activation, offline fallback, and feature gating with the JS SDK.
  • Licensing in Any LanguageREST API examples in C#, Rust, Go, Python, Java, C/C++ — no SDK required.
  • How Licensing WorksPolicies, keys, validation modes, floating seats, offline activation, and revocation.
  • Licensing API ReferenceAll licensing endpoints: policies, keys, seats, devices, floating, offline, audit, and automation.
  • Licensing ConsoleAdmin UI guide for managing policies, keys, floating seats, devices, and audit logs.

SDKs and tools

Official SDK packages for integrating Auris into your application. All JavaScript-based SDKs are TypeScript-first with full type definitions, tree-shakeable, and published as both ESM and CJS. The PHP SDK supports PHP 7.4+ with zero external dependencies.

The JavaScript SDK provides the core client with OAuth2 PKCE, token management, magic links, social login, M2M authentication, permissions checking, FGA queries, and webhook signature verification. The React SDK wraps it with AurisProvider, hooks (useAuris, useUser, usePermissions, useFga), and components (AuthGuard, PermissionGate). The Next.js SDK adds server-side session helpers, Edge middleware, and route protection.

View full SDK documentation