explaingit

hexclave/stack-auth

6,783TypeScriptAudience · developerComplexity · 4/5LicenseSetup · hard

TLDR

Stack Auth is an open-source, self-hostable user authentication platform for web apps that handles sign-in, sign-up, and account management, a free alternative to paid services like Auth0 or Clerk.

Mindmap

mindmap
  root((stack-auth))
    Auth Features
      Email and password
      Magic links
      Passkeys
      OAuth social login
    Account Management
      User dashboard
      Email verification
      Password reset
    Team Features
      Multi-tenancy
      Role-based access
      User impersonation
    Setup
      Next.js integration
      Self-hostable
      REST API backend
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

Things people build with this

USE CASE 1

Add Google OAuth, magic link, and passkey sign-in to a Next.js app using pre-built UI components.

USE CASE 2

Build a multi-tenant SaaS product with per-organization member lists and role-based permissions without writing auth from scratch.

USE CASE 3

Self-host the entire authentication server to avoid per-user fees or vendor lock-in from Auth0 or Clerk.

USE CASE 4

Handle machine-to-machine authentication for background jobs or server-to-server API calls with short-lived tokens.

Tech stack

TypeScriptNext.jsReactNode.jsDocker

Getting it running

Difficulty · hard Time to first run · 1h+

Self-hosting requires Node 20, pnpm 9, Docker, and 24 GB of RAM recommended for the development environment.

Dual-licensed under MIT and AGPL, the AGPL component requires you to share your source code if you deploy a modified version publicly.

In plain English

Stack Auth is an open-source authentication platform that handles user sign-in, sign-up, and account management for web applications. It is positioned as a self-hostable alternative to paid services like Auth0 and Clerk. The codebase is licensed under MIT and AGPL, and a hosted version is also available if you do not want to run the infrastructure yourself. The platform works with Next.js, React, and plain JavaScript frontends, and any backend that can call a REST API. It provides pre-built UI components for sign-in and sign-up pages that support email and password login, magic links sent via email, passkeys (biometric login), and social login via OAuth providers like Google. These components adapt to dark and light modes automatically. Account settings pages are also included out of the box, letting users update their profile, verify their email, and change their password without any extra setup. Beyond basic login, Stack Auth covers several features that teams typically have to build separately. It includes a user management dashboard for filtering, viewing, and editing user accounts. It supports multi-tenancy, meaning a single deployment can serve multiple organizations, each with their own member lists and roles. Role-based access control lets developers define permission structures and assign them to users or teams. There is also user impersonation for support and debugging, webhook notifications when user events occur, and customizable email templates for sign-up and password reset flows. For machine-to-machine authentication (server-to-server calls, background jobs, and similar scenarios), Stack Auth issues short-lived access tokens. It also manages OAuth tokens for third-party services like Google Calendar, handling token refresh and scope control behind the scenes. Getting started takes a few steps: run an installation wizard command in your project, create an account on the Stack Auth dashboard to get API keys, add those keys to your environment file, and the sign-in and sign-up pages appear automatically. Self-hosting requires Node 20, pnpm 9, and Docker, with 24GB of RAM recommended for the development environment.

Copy-paste prompts

Prompt 1
Integrate stack-auth into my Next.js app to add Google OAuth login and magic link email sign-in using the pre-built components.
Prompt 2
Write the code to protect an API route in Next.js using stack-auth session token verification.
Prompt 3
Show me how to set up role-based access control with stack-auth so only users with the admin role can reach certain pages.
Prompt 4
How do I self-host stack-auth using Docker and connect it to my existing PostgreSQL database?
Prompt 5
Configure stack-auth to send customized email templates for sign-up confirmation and password reset flows.
Open on GitHub → Explain another repo

← hexclave on gitmyhub — every repo by this author, as a profile.

Verify against the repo before relying on details.