What is Passage?

Complete User Authentication in 20 Minutes ⏱🚅

🎨 Awesome UI/UX included.

🔒 Forget about tokens and signatures and let Passage level up your security.

Our primary goal is to build a tool that developers love. If you have feedback, we want to hear it (seriously)! You can provide feedback or feature requests using this form or by emails us at hello@passage.id.

Join our Discord Community to ask questions, get updates on new Passage features, learn about cool things that developers are building with Passage!

Ready to go? Get up and running in a few minutes with our Quickstart guide:

pageQuickstart: Embedded Login

User Experience

With Passage, web and mobile applications can support multiple forms of passwordless authentication. Users can sign up and sign in with passkeys, login codes, magic links, and social login:

Passkeys - Passkeys offer a drastically better user experience than passwords or magic links, as they cannot be forgotten or mistyped, and do not require users to transfer their attention away from your application to click an SMS or email link. Passage keeps track of all trusted devices used to login and intelligently provides the smoothest login experience possible.

Login codes - Login codes, often referred to as one-time passwords (OTPs), allow users to input their email address or phone number and receive a 6-digit code via message. They enter this code in their original session to gain access to the application.

Magic links - Users enter their email address or phone number and receive a message containing the unique link. By clicking the link, users are instantly logged in within the current session and in the initiating browser session.

Social login - Users can authenticate with existing Google and Github accounts.

See what Passage will feel like for your users with the Passage Demo.

Security

Security is at the forefront with Passage authentication. Login codes and magic links have strong two-factor authentication in a single step. While passkeys take security even further with device-based authentication. When a user touches their fingerprint reader or completes facial recognition, they are simultaneously asserting something they are and something they have. Passkey data never leaves your user's device, and Passage relies on a combination of hardware-level security and public key cryptography to keep users safe.

To read more about security with Passage, see our security reference below:

pageJWTs

Implementation

Unfortunately, the added benefits of passkeys normally require a great deal of engineering effort. Backend servers must implement multiple authentication systems and there are dozens of frontend screens required to account for all possible users, browsers, operating systems, and hardware capabilities. Despite these complexities, Passage aims to make user authentication the easiest part of building any application. The Passage Element provides a complete authentication frontend that can be instantly added into any application, regardless of framework. A Passage backend library can then be used to easily authenticate users logged in with the Passage Element.

Last updated