BastionAuth v1.3
Open Source · Self-Hosted · Free up to 10K Users

Add auth to your app in 5 minutes.
Own every byte of data.

BastionAuth is an open-source authentication SDK — like Clerk or Auth0 — that runs on your servers. Your users get a polished sign-in experience. You keep full control of the data.

// Install
npm install @bastionauth/nextjs

// Wrap your app — done.
<BastionProvider>
  <SignIn />
</BastionProvider>

Why does this exist?

Hosted auth services are convenient — but they come with trade-offs that matter more as you grow.

Hosted Auth (Clerk, Auth0)
  • User data lives on their servers — you don't control it
  • Per-user pricing that scales unpredictably as you grow
  • Vendor lock-in — migrating away is painful
  • Can't meet strict compliance (HIPAA, FedRAMP) without workarounds

BastionAuth
  • Data stays on your servers — full ownership
  • Free for up to 10K users — pay only for your infrastructure
  • Open source — no lock-in, fork anytime
  • Deploy inside your compliance boundary — HIPAA, FedRAMP ready

See it in action

One product, three perspectives — the people who sign in, the developers who build it, and the team leads who manage it.

  • Sign Up: Email/password or one-click OAuth
  • Social Login: Google, GitHub, Microsoft, Apple
  • MFA Setup: TOTP app, backup codes, or SMS
  • Dashboard: Profile, sessions, security settings

End Users are the people who sign in to your app. They get a polished auth experience — sign up, social login, MFA, password reset — all working out of the box. You don't build any of this UI yourself.

Everything you need, nothing you don't

Production-ready auth features, all included out of the box.

Drop-in Components

Pre-built <SignIn />, <SignUp />, <UserButton /> components. Add auth UI in one line of code.

Multi-Factor Auth

TOTP authenticator apps, backup codes, and SMS verification. Enable with one config toggle.

Organizations & Teams

Multi-tenancy with role-based access control, invitations, and team management built in.

Enterprise Security

Audit logs, session management, brute-force protection, and rate limiting by default.

OAuth & SSO

Google, GitHub, Microsoft, Apple, and SAML SSO. Configure providers in minutes.

Self-Hosted

Deploy on your own infrastructure. Docker, Kubernetes, or bare metal. Your data never leaves.

Built for teams like yours

Whether you're a startup, an enterprise, or anything in between.

🚀

Startups

Stop paying per-user auth taxes that eat into your margins. BastionAuth is free up to 10,000 monthly active users. Just pay for your server.

Free up to 10K MAU
🏛️

Regulated Industries

Healthcare (HIPAA), government (FedRAMP), and finance teams — deploy inside your compliance boundary. User data never leaves your infrastructure.

HIPAA & FedRAMP ready
🔒

Privacy-Conscious Teams

Full control over your users' data. No tracking, no data mining, no vendor reading your user records. You own it all.

Complete data sovereignty

How does it compare?

Same developer experience, fundamentally different ownership model.

| Feature | BastionAuth | Clerk | Auth0 |
|---|---|---|---|
| Data ownership | You own it | Vendor | Vendor |
| Pricing | Free + infra cost | Per user / month | Per user / month |
| Self-hosted | Yes | No | Limited |
| Open source | Yes (MIT) | No | No |
| Drop-in components | Yes | Yes | Partial |
| MFA | Yes | Yes | Yes |
| HIPAA / FedRAMP | Deploy in your boundary | N/A | Enterprise plan |

Ready to own your auth?

Get up and running in under 5 minutes. Free forever for up to 10,000 users.

npm install @bastionauth/nextjs