Stack Auth is an open-source authentication and authorization platform that provides pre-built UI components, OAuth integration, team management, and session handling for web applications. It offers a complete authentication lifecycle covering sign-in, sign-up, session management, password recovery, and multi-factor security, with support for passkey authentication and OAuth providers including Google, GitHub, and Apple.
The platform includes a team-based permission system with role-based access control, allowing users to be organized into teams with granular permissions for membership management and resource access. It provides server-side session management with cookie-based token exchange, API-key-based authentication for programmatic access, and webhook event delivery with signed, tamper-proof HTTP callbacks and automatic retries. The system also captures client-side analytics and session replays for debugging and usage analysis.
Beyond authentication, Stack Auth handles billing and payments with support for subscriptions, one-time charges, and usage metering for individuals or teams. It includes an email notification system with customizable templates, themes, and user-controlled preferences, along with data storage capabilities for JSON metadata and encrypted secrets on user and team records. The platform offers a production mode with a pre-launch checklist for domain setup, callback locking, and secret rotation.
