Authentication, roles, policies, and audit visibility — built for multi-tenant products that need real security.
Production-grade by design
OBSIDIAN iD
Identity infrastructure for modern apps.
The Problem
Identity infrastructure is fragmented. Auth providers lock you in. Enterprise IAM is bloated. Developer tools lack precision.
The Solution
OBSIDIAN iD provides sovereign, SDK-first authentication with multi-tenant architecture, granular RBAC, and complete audit trails.
The Result
Deploy in minutes. Scale infinitely. Control everything. No vendor lock-in. No compromises. Pure authority.
Enterprise IAM, Engineered for Precision
Every feature designed for control, security, and developer experience.
Authentication
MFA with TOTP, email, and push. Passkeys (WebAuthn), magic link, SSO via SAML 2.0, and social OAuth.
Multi-Tenant Architecture
Isolated tenant environments with custom branding, policies, invitations, and user hierarchies.
Roles & Permissions
Fine-grained RBAC and ABAC. Dynamic policy enforcement across resources and actions.
Sessions & Devices
Session management with idle timeout, device fingerprinting, geo-tracking, and concurrent limits.
Audit Logs & Compliance
Immutable audit trails, compliance reporting, and risk-based adaptive authentication.
SDK-First Integration
TypeScript SDKs for browser, Node.js, React, Next.js, and React Native. REST APIs with webhooks.
Built for Engineers
Deploy authentication in minutes with clean, type-safe SDKs and comprehensive documentation.
- TypeScript-native SDK with full type safety
- Minimal config with sensible defaults
- Webhook events for real-time integration
- RESTful APIs with real-time WebSocket events
- Local development environment
import { Obsidian } from '@obsidian/sdk';
// Server-to-server with API key
const client = new Obsidian({
baseUrl: 'https://api.obsidian.dev/v1',
apiKey: process.env.OBSIDIAN_API_KEY,
});
// Authenticate user
const { access_token, mfa_required } =
await client.auth.login({
email: 'user@example.com',
password: credentials.password,
});
// Check permissions
const perms = await client.users
.getMyPermissions();Security isn't a feature—it's the foundation
Encryption at Rest & In Transit
AES-256-GCM encryption for secrets. TLS for all API traffic. Key rotation support.
Compliance-Ready Architecture
Immutable audit trails, data retention policies, and GDPR export/deletion endpoints.
Threat Detection & Risk Scoring
Statistical anomaly detection, behavioral analysis, brute force protection, and geo-based risk scoring.
Multi-Tenant Isolation
Tenant-scoped data, row-level security, and isolated session management.
Trusted by Engineers
OBSIDIAN iD gave us enterprise-grade auth in hours, not months. The SDK is a masterpiece.
Sarah Chen
CTO · Zenith Tech
Finally, an IAM platform that doesn't treat developers like children. Clean APIs, real docs, zero magic.
Marcus Rodriguez
Principal Engineer · Apex Systems
The audit logs alone are worth it. Immutable, queryable, and actually useful for compliance.
Jordan Park
Security Lead · Quantum Lab
Start Free, Scale Forever
Transparent, usage-based pricing. No hidden fees. No vendor lock-in.
Deploy in Minutes
Start with our free tier. Scale to millions of users. Enterprise support available.