Now accepting applications · India & United States

authFI free for
startups & enterprises.

Get the right plan for your stage — free for 1 year. Sign up on the free plan, apply with your billing ID, and we upgrade you.

Apply now → See what's included

No credit card · No strings attached · Build first, pay later

1 year
Free access
$0
No credit card
Instant
Startup approval
100%
Feature access
What's included

One platform. Every identity layer.

authFI replaces 4-5 tools — auth service, SSO provider, cloud IAM manager, infrastructure enforcer, and security analytics — with a single platform. During the program, everything is unlocked.

Authentication
Every login method
AuthFI Connect
Cloud + SCIM + PAM
eBPF Agent
Kernel enforcement
AI Security
ML threat detection
Branded Login
White-label auth UI
Platform
Orgs, RBAC, observability
Authentication

Every auth method. One SDK.

Email/password, social login (Google, GitHub, Microsoft, Apple — all providers), magic links, email OTP, SMS OTP, MFA with TOTP and backup codes. OAuth 2.0 + PKCE. Drop-in SDKs for React, Next.js, Vue, Angular, iOS, Android, and Flutter.

nodejspythongojavarubyphpcsharp

Login methods

Email + passwordSocial loginMagic linksEmail OTPSMS OTPMFA / TOTPPasskeys

Enterprise SSO

SAML 2.0OIDC federationLDAP / ADDomain routingUnlimited connections
AuthFI Connect

One identity. Every cloud. Every server. Every directory.

Connect your users to GCP, AWS, Azure, and OCI — they get temporary cloud credentials scoped to their role. AuthFI is a SCIM provider: push users and security groups to any SaaS. SSH into VMs and on-prem servers via PAM modules — same identity, no separate credentials.

GCP GCP
AWS AWS
Azure Azure
OCI OCI
Multi-cloud IAM
Map roles to GCP, AWS, Azure, OCI IAM. Users get temp credentials for console, API, or CLI. No static keys.
SCIM provider
Push users and security groups to Okta, Azure AD, or any SCIM 2.0 directory. Provision and deprovision automatically.
VM / SSH access via PAM
Install the PAM module on any Linux server. Users SSH with their authFI identity — role-based sudo access, full audit trail.
Security groups
Define groups, assign cloud roles and server access. Change once — propagated everywhere.
// Cloud: scoped GCP token
const gcp = await authfi.cloudToken(
'gcp', { scopes: ['bigquery'] }
)
# SSH: same identity, PAM
$ ssh jane@prod-server
✓ Authenticated via authFI
✓ Role: devops → sudo
AuthFI Agent

One agent. API protection + zero-trust networking.

A single lightweight agent that does two things: enforces identity at the Linux kernel via eBPF, and creates encrypted WireGuard mesh tunnels between your nodes. Protect APIs, expose private apps, connect services — all identity-gated, all from one install.

eBPF API Protection

Every API request is verified at the kernel — JWT signature, expiry, claims, permissions — before traffic reaches your app. No sidecar. No proxy. Zero latency. Unauthorized requests are dropped at the kernel.

JWT enforcementL7 HTTP + L4 TCPAPI auto-discoveryZero latencyAccess logs

WireGuard Mesh + Private Apps

Encrypted peer-to-peer tunnels between your nodes, tied to authFI identity. Expose private apps without VPN or port forwarding. Connect office, cloud, and homelab. Every connection is authenticated — no network access without identity.

WireGuard tunnelsExpose private appsNo VPN neededMulti-siteService-to-service auth
// Install — one command
$ authfi agent install
✓ eBPF program loaded
✓ Protecting port 8080, 443
✓ JWT verification active
✓ Mesh tunnel connected
// Expose private app
$ authfi expose 3000
→ admin-panel.authfi.mesh
# Only users with 'admin' role
# can access this app
# No VPN. No public IP.

5 agent nodes included in the program. Replaces: reverse proxy + VPN + API gateway + WAF.

AI Security Engine

ML-powered threat detection. Not just rules.

Every login and API call is scored for risk in real-time. The engine learns normal behavior and flags anomalies — impossible travel, credential stuffing, brute force, session hijacking. Auto-block, force MFA, or alert your team. Write security policies in natural language — AI translates them into enforceable rules.

Risk scoring on every request
Anomaly detection (impossible travel, new device)
Auto-block and auto-MFA enforcement
Breached password detection
Natural language policy builder
AI Agent Auth Protocol (MCP)
Session analysis and fingerprinting
// Write policies in English
authfi.policy("Block login
if user is logging in from a
new country and has no MFA")
// AI translates to rules:
→ geo_anomaly + !mfa_enabled
→ action: block + notify
Branded Login Pages

Your brand. Your login. Zero authFI branding.

Every tenant gets a fully customizable login page — your logo, colors, fonts, and copy. Custom domain or subdomain routing. Per-org branding for B2B. Remove all attribution. Custom CSS for pixel-perfect control.

Ayush Healthcare branded login page on authFI
ayush.authfi.app — fully branded Zero authFI attribution
Custom domain
login.yourdomain.com with auto SSL
Subdomain routing
{slug}.authfi.app for each tenant
Full white-label
Your logo, colors, fonts — remove all authFI branding
Per-org branding
B2B customers see their own brand at login
Custom CSS
Pixel-perfect control over every element
Platform

Everything else you need. Built in.

🏢
Organizations (B2B)
Multi-tenant. Per-org users, roles, branding, SSO, and SCIM.
🔄
SCIM Provisioning
Sync users and groups from any SCIM 2.0 directory.
🛂
Roles & Permissions
RBAC with SDK auto-sync. Users → groups → roles → permissions.
🌍
Multi-Region
Data in India, US, EU, or Asia-Pacific. Isolated DBs. Never leaves region.
📊
Audit & Observability
Logs, dashboards, webhooks, SIEM export, OpenTelemetry.
🏥
Healthcare (FHIR)
SMART on FHIR, HIPAA-compliant auth flows, EHR launch.
🤖
AI Agent Auth Protocol
First-of-its-kind. Give AI agents their own identity, scoped permissions, and human-in-the-loop approval. Built on MCP.
🔒
WireGuard Mesh
Encrypted P2P tunnels tied to identity. Zero-trust networking.
Terraform
Terraform Provider
Infrastructure as code. Manage users, roles, orgs, and policies via Terraform.
🧠
MCP Servers
AI code generation with full authFI context. Build auth flows with Cursor, Copilot, Claude.
7 SDKs + API
React, Next.js, Vue, Angular, iOS, Android, Flutter. REST API.
Global Infrastructure

Built for zero downtime.

Your auth is the most critical infrastructure. We treat it that way.

Cloudflare Edge
300+ locations. DDoS protection.
🟢
Zero Downtime
Rolling deploys. Auto failover.
🌍
Multi-Region
India, US, EU, APAC.
🔑
Encrypted
TLS 1.3 + AES-256. RS256 JWTs.
99.99% SLA·DDoS protected·SOC 2 ready·Zero downtime deploys
Program Details

What's free. What's add-on.

Free for 1 year
  • Authentication — all methods
  • Enterprise SSO — unlimited
  • AuthFI Connect — multi-cloud + SCIM + PAM
  • eBPF Agent — up to 5 nodes
  • AI Security — ML threat detection
  • AI Agent Auth (MCP)
  • Organizations + SCIM provisioning
  • WireGuard mesh networking
  • Healthcare module (FHIR)
  • Roles, groups, permissions
  • Branded login — fully white-labeled
  • Multi-region data residency
  • Audit logs + dashboards + webhooks
  • SIEM + OpenTelemetry export
  • Priority support
Paid add-ons (infra costs)
🌐
Custom domains $9/domain/mo
SSL + Cloudflare routing
🛡️
Extra agent nodes $99/node/mo
5 included, add more
📱
SMS OTP $0.05/SMS
Per-SMS credits

Everything else is free. No hidden costs. No overages during the program.

Program Tiers

Pick the plan you need. Get it free for 1 year.

Sign up on the free plan, start a trial on the plan you need, then apply. We convert your trial to 1 year free.

Pro Most startups
$0 /mo for 1 year
normally $299/mo — saves $3,588

For bootstrapped founders, incubator startups, and early funded teams building their first product.

  • 50,000 MAU
  • Unlimited SSO (SAML, OIDC, LDAP)
  • SCIM + Organizations
  • Custom domains + white-label
  • Multi-region data residency
  • Priority support
BootstrappedPre-seedIncubatorStartup IndiaSeed
Business Scale-ups & Enterprise
$0 /mo for 1 year
normally $999/mo — saves $11,988

For funded startups scaling up and enterprises running pilots or migrating from legacy auth.

  • 200,000 MAU
  • Everything in Pro +
  • AuthFI Connect — multi-cloud IAM + SCIM + PAM
  • eBPF Agent — 5 nodes, kernel enforcement
  • AI Security — ML threat detection
  • Healthcare (FHIR) + WireGuard mesh
  • SLA + dedicated support
Series ASeries BEnterprisePilotMigration
Who can apply
Startups less than 5 years old
Bootstrapped or funded (up to Series B)
Registered with Startup India or any incubator
Enterprises evaluating or migrating auth
Building SaaS, API, mobile, or B2B products
Based in India or United States

Not sure which tier? Apply anyway — we'll match you to the right plan.

Process

How it works

1
Sign up free
Create your account on the free plan. Get your billing ID.
2
Apply
Submit your billing ID and admin email. Takes 2 minutes.
3
Get upgraded
Startups are auto-approved after AI review — usually within minutes. Enterprises reviewed within 48 hours.
4
Pay when ready
After your free year, pick a plan at regular pricing. No surprises.
Get Started

Apply now

Already signed up? Apply with your billing ID. Don't have an account yet? Sign up free first.

Your chosen plan — Starter, Pro, or Business — free for 1 year.

Your authFI account

Find your billing ID in Console → Settings → Billing

We'll email you within 48 hours.

FAQ

Common questions

Is it really free?

Yes. You get your chosen plan (Starter, Pro, or Business) completely free for 1 year. No credit card, no hidden fees.

How do I apply?

Sign up for the free plan to get your billing ID. Then apply here with your billing ID and admin email. Startups are auto-approved after AI review. Enterprises are reviewed within 48 hours.

What happens after the free period?

Choose a plan that fits your scale. No pressure — you can downgrade to the free plan anytime.

Can I use it in production?

Absolutely. Production environments, custom domains, SSO — everything you need.

How long does approval take?

Startups are auto-approved after AI review. Enterprise applications are reviewed within 48 hours.

Which regions is the program available in?

India and the United States — wherever authFI edge servers operate. Expanding soon.

What if I need more than included limits?

We'll work with you. The goal is to help you build, not gate features.

Do I need to be a new customer?

Yes. Existing paid customers can contact us for other options.

One platform. Every identity layer.
Free to start.

Free for 5,000 users. Upgrade when you're ready.

Start building free →

Startups and enterprises get 1 year free →