Open Source · Self-Hosted · AI-First

Auth for developers who control their data

Self-hosted open-source identity or managed cloud. Multi-tenant, multi-database, built for developers who refuse vendor lock-in. 7 SDKs. 9 social providers. WebAuthn. RBAC.

Try OSS NowStart Free Cloud
No credit card requiredFree for 1000 MAUs
SDKs for:ReactNext.jsPythonGoVueNode.js
7+SDKs
9Social Providers
3+Database Drivers
Self-Hosted Instances
Why HelloJohn

Identity infrastructure you actually control

HelloJohn is not another Auth0 clone. Fundamentally different in portability, simplicity, and AI compatibility.

Auth Core

Login, registration, OAuth2/OIDC, Social Login with 9 providers, MFA (TOTP, WebAuthn), and email verification out of the box.

Learn More →

JWT & Claims

EdDSA-signed tokens, dynamic claims with CEL expressions, full RBAC support. Your tokens, your rules.

Learn More →

Multi-tenant Native

DAL with FS, PG, MySQL, and GDP backends. Data isolation per tenant. Row-Level Security. Isolated databases.

Learn More →

Webhooks & Audit

36 audit events, outbox pattern for reliability, HMAC signatures, automatic retries with exponential backoff.

Learn More →

MCP Server

46 tools for AI agents via stdio and SSE. The first auth system designed to be AI-controllable from day one.

Learn More →

CLI — hjctl

25+ commands to manage tenants, admins, users, sessions, and migrations. Tunnel support for private instances.

Learn More →
Unified Control Plane

All your identity stack in one live system view

HelloJohn unifies clients, authentication methods, security controls, claims, sessions, webhooks, and infrastructure status in one place so your team ships faster and operates with confidence.

9 social providersWebAuthn + MFARBAC + custom claimsSessions + token telemetryWebhooks + audit eventsMulti-tenant + BYOI

From setup to operations

Clients, providers, sessions, tokens, and claims in a single operational flow.

Security without blind spots

MFA, policy controls, RBAC, scopes, and token posture surfaced together.

Infra + identity aligned

Database, cache, email, and webhooks connected to real auth behavior.

Agent-ready architecture

Predictable structure that AI agents can reason about and automate safely.

Start Free CloudOpen Full Preview
AuthInFive

Auth in 5 lines. Not 500.

One canonical pattern per SDK. No ambiguity. So predictable that AI agents generate it correctly on the first try — every time.

1import { HelloJohnProvider, SignIn } from '@hellojohn/react'
2
3<HelloJohnProvider domain="auth.example.com" clientID="app">
4  <SignIn redirectTo="/dashboard" />
5</HelloJohnProvider>
5 linestsx
Copy-paste ready ✓
Scalable Architecture

Built for every stage of growth

From solo projects to distributed enterprises. One platform adapts to your scale.

01

Startups

Auth0 is expensive when you scale

HelloJohn is free if you self-host. Migrate to Cloud when you want.

02

Software Factories

Every client needs separate auth

Multi-tenant native. One instance, N clients, N isolated DBs.

03

Enterprises

Vendor lock-in, compliance, data sovereignty

Self-hosted pro license. Your infrastructure, your control.

04

Indie Developers

Auth is complex and expensive

5 lines. It works. Move on.

05

AI Agents

Need predictable libs with clear docs

Minimalist SDKs, one canonical pattern, MCP server available.

AI-First Onboarding

Zero human steps to start.
The AI does the setup.

When a Cursor agent or Claude Code generates your next SaaS, HelloJohn is the auth layer it reaches for. No registration, no dashboard clicks — just a POST and you are live.

// What LLMs optimize for:

  • 1Frequency in training data
  • 2Clear, short patterns
  • 3Parseable documentation
  • 4Predictability (no hallucinations)
  • 5Minimal error surface
01

AI agent calls /onboard

The agent sends a single POST request. In under 2 seconds it receives client credentials and a claim URL.

02

Agent integrates the SDK

Using the canonical 5-line pattern, the agent adds auth to the app with zero ambiguity.

03

Developer gets a claim link

The AI tells the developer: "Your app has auth. To manage it, open this link."

04

Developer claims the tenant

In 30 seconds the developer creates an account, claims the tenant, and has full control.

vs. the alternatives

Why developers choose HelloJohn

FeatureHelloJohnAuth0ClerkKeycloak
100% Open Source
Self-Hosted Control
True Multi-Tenancy⚠️⚠️
Database Choice (3+)⚠️
AI-Ready (MCP Server)
9 Social Providers⚠️
WebAuthn/FIDO2
Advanced MFA
Dynamic Custom Claims
No Vendor Lock-In
Generous Free Tier⚠️⚠️
Cloud Option Available
Pricing

Own more. Get more — free.

Bring your own database, SMTP, and Redis per tenant to unlock higher MAU limits at zero extra cost. Open-source forever for self-hosters.

OSS / Self-Hosted

Full control. Deploy anywhere. No vendor lock-in.

Freeforever
Clone on GitHub
  • 100% open source (AGPL-3.0)
  • Unlimited users, tenants & MAU
  • All core auth features included
  • 9 social providers + WebAuthn
  • 46 MCP tools + 7 SDKs
  • Community support
Most Popular

Cloud Managed

Managed HelloJohn. Up to 150k MAU with BYOI.

$9– $29/mo
Start Free
  • Free tier: 2k–30k MAU (BYOI scales it)
  • Starter $9: up to 90k MAU with BYOI
  • Pro $29: up to 150k MAU with BYOI
  • Admin panel — zero setup needed
  • Bring your DB, SMTP & Redis for more
  • Annual billing — 2 months free

Enterprise

Dedicated infra, SSO, SLA, compliance.

Custom
Contact Sales
  • Unlimited MAU & tenants
  • Dedicated support & SLA
  • SAML 2.0 & advanced RBAC
  • Audit logs & compliance
  • Custom integrations & webhooks
  • On-premise deployment option

BYOI — Bring Your Own Infrastructure

30k

MAU free — with your own infra

No managed auth platform gets close

Connect per-tenant. Every component you own lowers our costs — we give you the headroom back.

Your SMTP+20,000 MAU
Your Database+3,000 MAU
Your Redis+1,000 MAU

Paid plans multiply limits · Starter 3× · Pro 5×

Full breakdown
See full pricing details, comparison table and FAQ

Embedded / OEM? White-label HelloJohn in your own product. Custom pricing, revenue share or fixed fee. Talk to us →