Frequently Asked Questions

Find answers to the most common questions about Authoh's authentication platform.

General Questions

What is Authoh?

Authoh is an authentication platform that helps developers easily add secure authentication and user management to their applications. It offers features like social login, multi-factor authentication, role-based access control, and more.

Is Authoh open source?

Yes, Authoh has both open-source and cloud versions. The open-source version can be self-hosted and is free to use. The cloud version offers additional features, managed infrastructure, and enterprise support.

Which platforms does Authoh support?

Authoh supports web applications, mobile apps (iOS and Android), single-page applications (SPAs), and backend APIs. We provide SDKs for popular frameworks and languages including JavaScript, React, Angular, Vue, Node.js, Python, and more.

Account & Pricing

How much does Authoh cost?

Authoh offers several pricing tiers:

• Free: For development and small projects
• Starter: $29/month for up to 1,000 MAU
• Growth: $99/month for up to 10,000 MAU
• Scale: $249/month for up to 100,000 MAU
• Enterprise: Custom pricing for large-scale needs

Visit our pricing page for the most current information.

How do you count Monthly Active Users (MAU)?

We count unique users who authenticate through your Authoh instance within a calendar month. A user is counted only once per month, regardless of how many times they log in or how many applications they access.

Can I change my plan at any time?

Yes, you can upgrade or downgrade your plan at any time. Upgrades take effect immediately, while downgrades take effect at the end of your current billing cycle.

Do you offer a free trial?

Yes, we offer a 14-day free trial of all paid plans with no credit card required. You can try all features before committing to a paid plan.

Security

Is Authoh GDPR-compliant?

Yes, Authoh is designed with GDPR compliance in mind. We provide tools for data export, user consent management, and data deletion to help you meet GDPR requirements.

Does Authoh support Multi-Factor Authentication (MFA)?

Yes, Authoh supports various MFA methods including:

• Authenticator apps (TOTP)
• SMS verification
• Email codes
• WebAuthn/FIDO2 (biometric and security keys)
• Push notifications (Enterprise plan)

How does Authoh handle data security?

Authoh implements industry best practices for security:

• All data is encrypted at rest and in transit
• Passwords are hashed using bcrypt
• Token-based authentication with short expiration times
• Regular security audits and penetration testing
• Automatic security updates for cloud customers

Can I use my own custom domain?

Yes, all paid plans support custom domains with SSL certificates. This allows you to use domains like auth.yourdomain.com for a seamless brand experience.

Technical Questions

What authentication protocols does Authoh support?

Authoh supports modern authentication protocols including:

• OAuth 2.0
• OpenID Connect
• SAML 2.0 (Enterprise plan)
• JWT-based authentication
• Social login protocols

Can I migrate from Auth0/Firebase/Okta?

Yes, we provide migration tools and guides for moving from other authentication providers. Our migration wizard helps you transfer users, roles, and settings with minimal disruption.

How can I integrate Authoh with my application?

Integration is simple with our SDKs:

// Example: JavaScript SDK integration
import { AuthClient } from '@authoh/sdk';

const auth = new AuthClient({
  domain: 'your-project.authoh.com',
  clientId: 'YOUR_CLIENT_ID'
});

// Login with redirect
auth.loginWithRedirect();

// Check if user is authenticated
const isAuthenticated = await auth.isAuthenticated();

// Get user profile
const user = await auth.getUser();

Does Authoh support Single Sign-On (SSO)?

Yes, Authoh supports SSO allowing users to access multiple applications with a single login. Enterprise plans include advanced SSO features like SAML integration and cross-domain SSO.

Self-Hosting

What are the requirements for self-hosting Authoh?

To self-host the open-source version, you'll need:

• Docker or Kubernetes environment
• PostgreSQL database
• Redis (for session management)
• Node.js runtime
• Minimum 2GB RAM and 1 CPU core

Detailed requirements are available in our self-hosting documentation.

Can I get support for the self-hosted version?

Yes, we offer paid support plans for self-hosted installations. These include SLA-backed support, priority bug fixes, and implementation assistance.

How do I upgrade my self-hosted instance?

Self-hosted instances can be upgraded through our Docker images or by pulling the latest code from our repository. We follow semantic versioning and provide detailed release notes for each version.

Still Have Questions?

If you don't see your question answered here:

• Check our detailed documentation
• Browse our community forum
• Contact our support team for personalized assistance

Welcome to Authoh!

This guide will help you get started with Authoh's authentication platform. We'll cover everything from creating your account to integrating authentication into your application.

Step 1: Create Your Account

1. Go to the Authoh Dashboard
2. Enter your email address and create a password
3. Verify your email address
4. Complete your profile information

Step 2: Create Your First Project

Once you've logged in to your Authoh dashboard:

1. Click on "New Project" in the top-right corner
2. Enter a name for your project
3. Choose your project type (Web App, Mobile App, or API)
4. Select your preferred authentication methods

Step 3: Configure Your Domain

For better branding and user experience:

1. Go to "Settings" > "Domains"
2. Add your custom domain (e.g., auth.yourdomain.com)
3. Follow the DNS configuration instructions
4. Verify your domain

Step 4: Integrate with Your Application

Using Our SDK

// Install the SDK
npm install @authoh/sdk

// Initialize in your app
import { AuthClient } from '@authoh/sdk';

const auth = new AuthClient({
  domain: 'your-project.authoh.com',
  clientId: 'YOUR_CLIENT_ID'
});

// Implement login
function login() {
  auth.loginWithRedirect();
}

Need More Help?

• Check our documentation for detailed guides
• Join our community Discord to connect with other developers
• Contact support@authoh.com for direct assistance

Remember, you can always reach out to our support team if you encounter any issues during the setup process.

Managing Your Authoh Account

This guide covers how to effectively manage users, roles, and permissions in your Authoh account. Proper account management helps maintain security and ensures users have appropriate access levels.

User Management

Inviting New Users

To invite team members to your Authoh organization:

1. Navigate to Dashboard > Organization > Members
2. Click Invite Members
3. Enter the email addresses of the people you want to invite
4. Select the appropriate role for each person
5. Optionally, add a personalized message
6. Click Send Invites

Invitees will receive an email with instructions to join your organization.

Managing Existing Users

To manage existing users in your organization:

1. Go to Dashboard > Organization > Members
2. View all active users and their roles
3. To edit a user, click the three dots (⋮) next to their name
4. From the dropdown menu, you can:
   • Change their role
   • Resend invitation (for pending users)
   • Remove from organization

Deactivating Users

When a team member leaves your organization:

1. Go to Dashboard > Organization > Members
2. Find the user you want to deactivate
3. Click the three dots (⋮) and select Remove
4. Confirm the removal

This revokes the user's access to your Authoh organization immediately.

Role-Based Access Control (RBAC)

Default Roles

Authoh provides several default roles:

• Admin: Full access to all organization settings and features
• Developer: Can manage applications and technical configurations
• Analyst: Read-only access to analytics and reports
• Support: Can manage users but not organization settings

Creating Custom Roles

To create a custom role:

1. Go to Dashboard > Organization > Roles
2. Click Create Role
3. Provide a name and description for the role
4. Select the permissions you want to grant
5. Click Create Role

Assigning Permissions

Customize permissions for each role:

1. Go to Dashboard > Organization > Roles
2. Select the role you want to modify
3. In the Permissions tab, toggle features on/off
4. Categories of permissions include:
   • User management
   • Application settings
   • API access
   • Billing
   • Organization settings

Organization Settings

Updating Organization Profile

1. Navigate to Dashboard > Organization > Settings
2. You can update:
   • Organization name
   • Display logo
   • Contact information
   • Default language and region

Security Settings

Enhance your organization's security:

1. Go to Dashboard > Organization > Security
2. Configure:
   • Password policies
   • MFA requirements
   • Session timeout settings
   • IP allowlisting

Domain Management

Add and verify domains for your organization:

1. Navigate to Dashboard > Organization > Domains
2. Click Add Domain
3. Enter your domain name
4. Follow the verification steps (DNS or file upload)
5. Once verified, you can use the domain for authentication

Billing and Subscription

Viewing Current Plan

1. Go to Dashboard > Organization > Billing
2. View your current plan, usage metrics, and billing cycle

Upgrading or Changing Plans

1. Navigate to Dashboard > Organization > Billing
2. Click Change Plan
3. Select the new plan that meets your needs
4. Confirm the change

Managing Payment Methods

1. Go to Dashboard > Organization > Billing > Payment Methods
2. You can:
   • Add new payment methods
   • Set a default payment method
   • Remove outdated payment information

Need Further Assistance?

If you need help with advanced account management:

• Check our detailed documentation
• Contact our support team for personalized help
• For enterprise customers, reach out to your dedicated account manager

Our team is available to help you optimize your account structure and permissions.

Common Authentication Issues and Solutions

This guide covers the most frequent authentication issues reported by our users and provides step-by-step solutions to resolve them.

1. Login Failures

Symptoms

• Users can't log in despite correct credentials
• Error messages about invalid username/password
• Repeated login prompts

Solutions

Check user status:

1. Go to your Authoh Dashboard > Users
2. Locate the user account
3. Verify the account is active and not blocked or suspended
4. Check if email verification is pending

Reset user password:

await auth.resetPassword({
  email: 'user@example.com'
});

Verify provider connections: If using social login, ensure the provider connection is properly configured in your dashboard.

2. Token Expiration Problems

Symptoms

• Users are repeatedly logged out
• "Unauthorized" errors after short periods
• Session timeouts earlier than expected

Solutions

Adjust token lifetime:

1. Go to Dashboard > Settings > Tokens
2. Increase the access token lifetime (default: 60 minutes)
3. Increase the refresh token lifetime if needed (default: 14 days)

Implement proper token refresh:

// Check if token is expired before making API calls
if (auth.isTokenExpired()) {
  await auth.refreshToken();
}

// Or set up automatic token refresh
auth.enableAutomaticTokenRefresh();

3. CORS Errors

Symptoms

• Console errors about CORS policy violations
• Authentication works locally but fails in production
• API calls failing with 403 errors

Solutions

Configure allowed origins:

1. Go to Dashboard > Settings > API
2. Add your application domains to the Allowed Origins list
3. Use wildcards sparingly (e.g., *.yourdomain.com)

Check request headers: Ensure your API requests include the correct headers:

fetch('https://api.yourdomain.com/data', {
  headers: {
    'Authorization': `Bearer ${auth.getAccessToken()}`,
    'Content-Type': 'application/json'
  }
})

4. MFA/2FA Issues

Symptoms

• Users can't complete multi-factor authentication
• MFA codes not being accepted
• Users locked out after device changes

Solutions

Reset MFA for a user:

1. Go to Dashboard > Users
2. Select the user experiencing issues
3. Navigate to the Security tab
4. Click "Reset MFA"
5. The user will need to set up MFA again on their next login

Provide backup codes: Make sure users have access to their recovery/backup codes that were generated when they set up MFA.

Check time synchronization: For time-based OTP (TOTP), ensure the user's device has correct time and date settings.

5. API Authentication Failures

Symptoms

• API requests failing with 401 errors
• JWT validation errors
• Token signature issues

Solutions

Verify API keys and secrets:

1. Go to Dashboard > API > Keys
2. Verify you're using the correct API keys
3. Regenerate keys if necessary (note: this will invalidate existing keys)

Check JWT configuration:

// Ensure you're using the correct audience and scope
const accessToken = await auth.getTokenSilently({
  audience: 'https://api.yourdomain.com',
  scope: 'read:data write:data'
});

Need More Help?

If you're still experiencing issues after trying these solutions:

1. Check our detailed documentation
2. Look through previous support threads for similar issues
3. Contact our support team with specific details about your problem

Our team is available to help Monday through Friday, 9am-5pm EST.