Businesses have strict policies in place when it comes to sharing user information with external service providers. With SSOfy , all data remains stored in your own database, Authentications are handled by your own backend server.
 - Cubelet Ltd.

No-Store Single-Sign-On (SSO) Server

We don't keep your user and customer data

SSOfy provides an Advanced SSO Server with built-in authentication proxy and authorization based on the industry-standard' OAuth2 protocol and does not store any sensitive information internally, such as user data and credentials. The requested data is securely pulled from the resource server (your API) and delivered straight to the user.
You may integrate SSOfy into existing applications with no-to-minimal changes to your existing code as an additional layer of security on top of your current authentication system. Practice the integration with SSOfy...

Advanced Features

You won't ever code your own Login and Registration forms again

  • Extra Protection, Less Overhead

    Protection against miscellaneous attacks on your authentication system, like DDOS, Brute Force, Hijacking, malformed data, etc. By requiring suspected users to complete challenges before requests are routed to your resource server for the authentication, SSOfy detects malicious requests and prevents abuses.

    The powerful built-in validators for usernames, emails, phone numbers, passwords and namesNEW, makes it possible to develop your strategy for key credentials while dropping unnecessary calls to your resource server API and reducing your server overhead.

  • 2FA (two-factor) Authentication

    Proven and most effective technique of safeguarding user accounts and authentications with OTP codes generated, maintained, rendered, and sent by your own backend server via the service provider of your choice for Email, SMS and Voice Calls. SSOfy hands up and all authority to you!

  • Social Connect

    Make it easier for users to register and login using their already existing accounts with popular social networks. Supporting over 30+ providers including Google, Facebook, X (Twitter), GitHub, Slack, and many more...

  • Multi-tenancy

    Manage SSO for all applications from a single panel. Share your social login configurations, JWT keys, themes, and translations amongst all applications with ease.

  • Custom Domain(s)

    SSOfy functions flawlessly on your own domains or while being proxied through services like CloudFlare in addition to the Hosted Domain offered to you by SSOfy .

  • Free SSL

    SSL is essential for privacy and security. SSOfy has enabled SSL on all URLs for free!

  • JWT Token

    JWT/JWS (Signed Tokens) with the algorithm of your choice. Choose which claims (user information) you want to include in your JWT and SSOfy generates access tokens with standard and globally recognized claims.

  • SLO (Single Log-out)

    No matter what access tokens you generate—JWT or Short-Length-Token— our innovative hybrid approach enables users to log out of the current session and any and all previous logins made on any device. Admins have absolute ownership over login sessions and tokens as just.

  • Sandbox

    Thanks to the Sandbox machine, clients and visual components are supplied with sample data and remain isolated from the rest of the development process, enabling the Frontend team focus on their design and debugging without having to wait for real data.

  • Theme and Personalization

    Creating and customizing themes with the familiar Handlebars syntax, making it a breeze to layout and personalise your login page experience. With SSOfy , you can choose a theme in dark or light scheme that best suits your preferences and matches your organization's brand.

  • i18n (Translations)

    SSOfy 's flexible translation system, with over 10+ languages supported, makes it more accessible to users with diverse language preferences.

  • Performance and Stability

    SSOfy servers are highly scalable and can work side-by-side with your own backend servers to serve millions of concurrent users. In case of any failures at your backend server, you will be alerted instantly with the error code to assist you in troubleshooting.

More than just a login

SSOfy is not just about the login

Password Recovery is a sensitive and complicated process which is made easy by utilizing the same two-factor (2FA) process to allow users to reset their password using available methods (Email, SMS, Voice Call).

User Registration with option to choose which of the claims (user information) you want users to fill out throughout the registration process. Mixed with optional Captcha to help protect against bots and spammers and gain quality users.

The User Profile page offers extensive customization with option to select the level of data visibility on the page, providing users with a chance to update information, reset password, view active sessions and devices on map, and terminate suspicious activities.


Made by developers for developers

Software Development Kits for building Resource Servers and OAuth2 Client for obtaining access tokens is available for various programming languages and frameworks.

Follow us on GitHub to stay tuned with newest SDK and updates.

Frequently Asked Questions (FAQs)

SSOfy offers a secure, no-store authentication server that complies with OAuth2 standards. This means that no sensitive user data or credentials are stored internally. Instead, data is securely queried from the resource server (your API Server) as needed. SSOfy generates and manages access tokens, which should be verified on your backend using middleware. Verification can be performed through JWT or the hybrid approach by API calls to SSOfy.

Startups and enterprises looking for a secure and standard web authentication system can switch to SSOfy with minimal effort on the part of their engineering team.

In a microservice architecture, where a user may need to access multiple services, SSOfy can be especially useful because it allows users to move between services without having to constantly log in and out.
Additionally, SSOfy can be used as a central service for querying user data.

Yes and No.

OAuth2 is a world-class standard for single-sign-on (SSO) implementation. We assume that developers have gone through their own research and evaluated that OAuth2 is the perfect fit for their needs.

OAuth2 is made up of a server application and a client library which redirects users to the server for authorization. Since OAuth2 is a standard, there are a plethora of OAuth2 client libraries for all programming languages available on the internet.

SSOfy as well, offers SDK for various programming languages and frameworks. SDKs are divided into server and client libraries. Server libraries serves data to SSOfy while Client libraries used to access SSOfied login page from client applications.

Not at all.

We knew that companies have strict policies in place when it comes to sharing user information with third-party providers. With SSOfy, all data lives in your own database. Authentications will also be handled by your own backend servers.

SSOfy adds another authentication layer powered by OAuth2 and forwards the credentials to your own backend for the rest of the process.

SSOfy requests information from your server in order to display the user's name, and it anticipates the bare minimum of data to be shown to the user or to you in the dashboard. It is entirely up to you whether to utilize all or some features provided by SSOfy. SSOfy is a highly secure automated proxy software which doesn't monitor or store the data.

This is SSOfy’s part to generate, keep, refresh, invalidate, expire, and link tokens with user sessions. Our mission is to get the burden off the shoulders of developers and companies with the complexities of the development and maintenance of an OAuth2 server.

For user registrations you may choose to use SSOfy's built-in registration page or just set a link to your own registration page or modify the login page's HTML (handlebar) codes to embed your own registration.
SSOfy also offers a convenient "Forgot Password" feature for users who may have forgotten their account credentials. This feature allows users to easily reset their password using their username, registered email, or phone number(via SMS) and also support OTP verification for added security.

Since some websites have no registration pages, SSOfy offers 100% flexibility with your design decisions.


SSOfy can generate JWT/JWS token with the algorithm of your choice.

Additionally, SSOfy's hybrid model has built with verify->cache->invalidate idea in mind, allowing you to take advantage of our unique single-sign-out (SLO) feature.

Yes, you can configure SSO on your own domain. You may also configure as many alternative domains as you want.

You can see a list of active sessions and users, together with useful information about them, and you can log them out at any time.

Of course!

Upgraded plans include full theme personalisation. Within the editor page, you can modify "handlebar" files and see a live change preview.

With the free plan, you can still customize the color scheme, edit links, and choose the visibility of items on the page.

Yes, you can customize texts for a variety of languages supported by SSOfy.


Upgrade your login page to a highly scalable, customizable, and compliant OAuth2 SSO SaaS with 2FA, Social Login and security advantages while maintaining data on your own.