Auth your users will never
notice — and you’ll never fight.
Ants gives every app a secure auth backend, a fully dynamic permission system, and live + test environments that stay impossible to confuse.
Ed25519 · rotating refresh tokens · breach checks · per-app origin allow-lists
Drop-in auth
Email + password and Continue with Google, with verification, password reset and breach checks built in.
Live & test, side by side
Every app runs in both modes at once — isolated keys, users and roles. Switch with one click, never confuse them.
Dynamic roles & permissions
Define your own roles and permissions per app via API or SDK. No built-in roles, no assumptions about your domain.
Hardened by default
Ed25519 JWTs, rotating refresh tokens with reuse detection, per-app origin allow-lists and rate limits.
Multi-tenant
Many developers, many apps, fully isolated end-user pools. Built to host more than one product.
Offline verification
Verify access tokens in your backend with the SDK against cached JWKS — zero round-trips per request.
A few lines to wire up. Zero lines you didn’t mean to write.
The browser SDK manages tokens and silent refresh; the server SDK verifies them offline. Roles and permissions you define flow straight into the session.
- ✓Publishable keys for clients, secret keys for your backend
- ✓Roles & permissions managed entirely by your app
- ✓Switch the active environment without touching code
import { AntsClient } from "@ants/client";
const ants = new AntsClient({
baseUrl: "https://auth.example.com",
publishableKey: "pk_test_…",
});
await ants.signUp({ email, password });
const session = await ants.getSession();
// ⤷ { user, environment, roles, permissions }
if (await ants.can("invoices:read")) {
// gate UI on dynamic permissions
}Ship auth this afternoon.
Create an app, grab your test keys, and integrate in minutes. Flip to live when you’re ready.