If your stack speaks OpenID Connect, it already speaks NamoID.
Add identity with OAuth 2.1, OIDC, hosted login, and SDKs. Point your app at one issuer URL, use standard discovery, and you’re done — no proprietary lock-in.
Quickstart — pick your stack
Runnable, copy-paste examples for the standard Authorization Code + PKCE flow. Point any one at your project’s issuer URL and change one env var.
- Next.js (App Router)
- Node.js (Express)
- Python (FastAPI / Flask)
- Java (Spring Boot)
- Go, Ruby, PHP, .NET, Rust, or raw curl
Integration paths
Hosted login
Fastest to integrate — we render sign-in and sign-up, you get a session.
Custom UI
Your own screens against our auth endpoints when you want full control of the front end.
Backend token validation
Verify RS256 JWTs against JWKS with no callback to us.
Webhooks
Subscribe to identity events and react in your own systems.
API keys
Server-to-server calls with scoped, revocable keys.
Resource servers + audiences
Audience-bound tokens (RFC 8707) for APIs and MCP servers.
Standards, not surprises
Live today: OAuth 2.1 · OpenID Connect (discovery + JWKS) · PKCE on every flow · RS256 / JWKS · WebAuthn / passkeys · TOTP MFA · refresh-token rotation with replay detection. Planned: DPoP.
No implicit grant. No password grant. PKCE required even for first-party clients.
Built for developers to trust
- Public docs and API reference
- @namoidhq/js, @namoidhq/nextjs, @namoidhq/react on npm
- Runnable examples across ten stacks
- A status page
- A changelog (coming)