Anvil Connect

A modern authorization server built to
authenticate your users and protect your APIs.

GitHub Documentation

Google. Microsoft. Salesforce. Deutsche Telecom. They all use OpenID Connect to authenticate their users and protect their APIs. Now with Anvil Connect, you can too.

OpenID Connect

This profile of OAuth 2.0 provides strong identity assurances using simple auth flows that work with browser, server, and mobile applications. The specification also supports discovery, dynamic registration, session management, and encryption.

OAuth 2.0

Sharing passwords is unsafe. OAuth defines a set of authorization flows that let users securely delegate access to their accounts by third party software. OAuth's access tokens can also be used for client-server authentication where user consent isn't required.

JSON Web Tokens

Anvil Connect issues identity and access tokens as digitally signed JWTs. Signatures provide an exceptionally trustworthy mechanism for verifying authenticity. And with their object payload, JWTs can carry everything needed to authorize an API request.

Role-based Access Control

OAuth scopes are a way to define permissions associated with an access token. Anvil Connect allows you to manage different levels of access by grouping permissions into user roles.

All your apps and services

It's not enough to develop for just one platform. You can't afford to maintain monsterous monolithic apps. Your secret backend sauce is a polyglot combination of microservices. No matter the reason, Anvil Connect can centrally manage your users' identities and authorization.

Free and Open Source

We believe critical infrastructure must be 100% open source. Once you’ve committed to such a crucial piece of software, you want to know you’ll always have access and aren’t beholden to the changes endemic to software development.

These are just a few of the OAuth providers Anvil Connect supports for social sign-in.

Just updates. No spam. No one else gets your email.