Edge-Native
Built for Cloudflare Workers and Workers-native services. Run identity workloads near users while keeping deployment, scaling, and routing in your account.
- Service Bindings architecture
- Durable Object sharding
- Setup-managed resources
An open-source, OpenID Certified™ Identity & Access Platform for Cloudflare Workers — authentication, authorization, and federation on an edge-first architecture.
Pre-1.0. Core protocols are implemented; production hardening and validation are ongoing.
Built for Cloudflare Workers and Workers-native services. Run identity workloads near users while keeping deployment, scaling, and routing in your account.
Certified OpenID Provider profiles, OAuth/OIDC extensions, SAML 2.0, SCIM 2.0, and WebAuthn / Passkeys for passwordless authentication.
Open source under Apache 2.0. Deploy into your own Cloudflare account, inspect the source, and keep infrastructure decisions under your control.
Built-in RBAC, ABAC, and ReBAC authorization. Token-embedded permissions, runtime checks, and policy evaluation for tenant-scoped access control.
PII / non-PII separation, runtime storage profiles, and Hyperdrive-backed external database paths for supported user, custom, PII, and audit planes.
K6 Cloud tests cover representative OIDC workloads; capacity depends on workload shape, Cloudflare plan limits, storage, and sharding.
Test reports →Authrim has no per-user vendor fee — infrastructure cost depends on requests, CPU time, storage, and logging. A rough Cloudflare-cost reference, not a production quote.
Based on Cloudflare Workers pricing with a multiplier for KV, Durable Objects, and D1 from observed Authrim usage patterns.
Note — Infrastructure only. Excludes compliance, monitoring, support, operations, security review, external databases, and large R2/archive usage. Actual cost varies by deployment profile.
TypeScript-first APIs, JavaScript SDKs, and a setup workflow for evaluating and developing edge identity deployments.
Self-hosted control with SAML, SCIM, audit logging, tenant boundaries, and storage / logging controls under active hardening.
Start on Cloudflare with no per-user Authrim fee, then scale based on measured request, CPU, storage, and logging behavior.
Evaluate an open-source identity platform for Cloudflare Workers. Core protocol capabilities are implemented; production hardening is still active.