Passport is a white-label Identity & Access Management platform that gives your SaaS product enterprise-grade authentication, RBAC, and SSO — without the Auth0 price tag.
A BizFirstAi product · 5 apps included · Deploy in 1–2 weeks
Stop paying enterprise SaaS tax for IAM you can own outright.
$2,000 – $10,000+ / month
4–12 weeks to build
<$500/month hosting
Passport ships 5 purpose-built frontend applications — every screen your users and admins need, already built and tested.
Complete user and tenant administration with RBAC configuration and audit logging.
White-label authentication screens with every login method your users expect.
Self-service account management so users can stay in control without raising support tickets.
Real-time threat monitoring and compliance reporting for your security team.
Register and manage external applications and debug SSO integrations from one console.
Passport implements 6 provider interface contracts. Swap your IAM backend with a single config line — no changes to any controller or business logic.
Connect to an existing Cognito user pool. Leverage AWS infrastructure with Passport's UI and RBAC layer on top.
Integrate with Microsoft Entra ID for enterprise customers who already live in the Microsoft ecosystem.
Delegate authentication to Okta while retaining Passport's white-label screens, RBAC, and audit trail.
Self-hosted, local SQL, maximum performance. 4–6× faster than cloud IAM. Full data ownership — nothing leaves your infrastructure.
Swap provider with a single config line — no code changes in controllers or business logic. All four providers implement the same 6 interface contracts.
Every critical IAM capability built-in from day one — not bolt-on add-ons you pay extra for.
TenantId is enforced at the database, API, and UI layers. Cross-tenant data leaks are architecturally impossible, not just policy-controlled.
Hierarchical roles with fine-grained permission assignment. A permission resolver pattern with 5-minute cache and fail-secure design.
Every authentication and authorisation event is logged with timestamp, actor, outcome, and context. Non-repudiable records for compliance.
Discourse Connect live now. SAML 2.0 and OIDC on the roadmap. OAuth 2.0 social providers (Google, GitHub, Microsoft) included.
5 purpose-built frontend applications covering every user and admin workflow — login, profile, admin, SSO, and security. Zero custom dev for standard flows.
Data export and deletion tooling, consent management hooks, and compliance reports covering GDPR, SOC2, and HIPAA controls.
Three common deployment patterns — each live in production weeks, not quarters.
A B2B SaaS platform needs enterprise-grade auth — SSO, RBAC, audit logs — but can't justify the Auth0 bill as they scale past 10,000 MAUs.
Outcome: Deploy and customise Passport in 1–2 weeks. Full white-label. Multi-tenant ready for the next enterprise customer on day one.
~$500/month vs. $2–10KAn enterprise with 15 internal tools needs single sign-on. Employees manage separate passwords for each app, causing support overhead and security risk.
Outcome: One Passport deployment, 15 apps registered via SSO Management. Users log in once. RBAC determines which apps each team accesses.
Zero password sprawlA team needs to migrate from AWS Cognito to Azure AD after an acquisition — without downtime or a re-authentication event for users.
Outcome: Change one config line in Passport. The provider interface contract means zero disruption to controllers, business logic, or end users.
Zero disruption migrationOpen standards coverage for every integration scenario — current and future.
Talk to us about licensing Passport for your platform.