
Your apps' authentication, on your premises
Login, secure sessions, social login and MFA for your applications, without entrusting your user accounts to an American service. SuperTokens is installed and maintained by DINAO in France.
What is SuperTokens?
SuperTokens is an open source authentication solution, a self-hostable alternative to Auth0, AWS Cognito or Okta. It supports all modern login methods: email/password, social login / OAuth 2.0 (Google, Facebook, GitHub…), passwordless (OTP, magic link) and multi-factor authentication (MFA).
Its core competency is secure session management, with token rotation and robust anti-CSRF and anti-session-fixation protections. The architecture decouples the authentication service from your application logic: the 'core' runs independently, facilitating integration via web and mobile SDKs. Self-hosted, SuperTokens is free and has no user limits, keeping all authentication data on your infrastructure — a key advantage for privacy, data control and GDPR compliance.
Host SuperTokens at DINAO
Resource tiers compatible with SuperTokens prerequisites (minimum 1 vCPU / 1 Go / 5 Go). Hosted in France, fully managed.
- 1 dedicated vCPU
- 2 Go RAM
- 20 GB NVMe
- Daily backups
- Managed & monitored by DINAO
- 2 dedicated vCPU
- 4 Go RAM
- 40 GB NVMe
- Daily backups
- Managed & monitored by DINAO
- 4 dedicated vCPU
- 8 Go RAM
- 80 GB NVMe
- Daily backups
- Managed & monitored by DINAO
- 8 dedicated vCPU
- 16 Go RAM
- 160 GB NVMe
- Daily backups
- Managed & monitored by DINAO
Technical details
You might be wondering…
Does SuperTokens replace Auth0 or Cognito?
Yes, it is a self-hosted open source alternative to Auth0, AWS Cognito or Okta. The key difference: all authentication data remains on your infrastructure in France.
What login methods are supported?
Email/password, social login (Google, Facebook, GitHub…), passwordless (OTP and magic link) and multi-factor authentication (MFA).
Is there a user limit?
No. The open source core covers login, social, passwordless and sessions with no user limits. You pay for hosting, not per account.
How do I integrate it with my application?
Via SuperTokens SDKs (web and mobile) and an API. The auth service runs independently of your business logic, simplifying integration and updates.
Where is user data stored?
On your instance hosted in France, backed by PostgreSQL, isolated in a dedicated container and GDPR compliant. You retain full control over authentication data.