DPDP Act 2023India’s data-protection law takes effect 13 May 2027.Read the Act
NamoID
For developers

If your stack speaks OpenID Connect, it already speaks NamoID.

Add identity with OAuth 2.1, OIDC, hosted login, and SDKs. Point your app at one issuer URL, use standard discovery, and you’re done — no proprietary lock-in.

Read the docsSoonView the API referenceSoonStart with Next.js

Quickstart — pick your stack

Runnable, copy-paste examples for the standard Authorization Code + PKCE flow. Point any one at your project’s issuer URL and change one env var.

  • Next.js (App Router)
  • Node.js (Express)
  • Python (FastAPI / Flask)
  • Java (Spring Boot)
  • Go, Ruby, PHP, .NET, Rust, or raw curl

github.com/namoidhq/namoid-examples

Integration paths

Hosted login

Fastest to integrate — we render sign-in and sign-up, you get a session.

Custom UI

Your own screens against our auth endpoints when you want full control of the front end.

Backend token validation

Verify RS256 JWTs against JWKS with no callback to us.

Webhooks

Subscribe to identity events and react in your own systems.

API keys

Server-to-server calls with scoped, revocable keys.

Resource servers + audiences

Audience-bound tokens (RFC 8707) for APIs and MCP servers.

Standards, not surprises

Live today: OAuth 2.1 · OpenID Connect (discovery + JWKS) · PKCE on every flow · RS256 / JWKS · WebAuthn / passkeys · TOTP MFA · refresh-token rotation with replay detection. Planned: DPoP.

No implicit grant. No password grant. PKCE required even for first-party clients.

Built for developers to trust