PrismIdentity. Simplified.

Self-hosted OAuth 2.0 / OpenID Connect platform on Cloudflare Workers. Zero servers, global edge.

🔐

OAuth 2.0 + OpenID Connect

Full authorization code flow with PKCE, OpenID Connect Discovery, token introspection and revocation, and an OpenID Connect–compliant UserInfo endpoint.

🌐

Social Login

Connect GitHub, Google, Microsoft, and Discord accounts out of the box. Users can link multiple providers to a single account.

🛡️

Multi-Factor Auth

TOTP (RFC 6238) with backup codes, and passkeys (WebAuthn / FIDO2) for passwordless login. Both can coexist on the same account.

🤖

Bot Protection

Choose from Cloudflare Turnstile, hCaptcha, reCAPTCHA v3, or a self-contained proof-of-work challenge powered by a Rust WASM module — no third-party service required.

🏗️

App Registry

Users register and manage their own OAuth applications with custom redirect URIs and scopes. Admins can verify apps to show a trust badge on the consent screen.

⚡

Edge-Native

Runs entirely on Cloudflare Workers backed by D1 (SQLite), KV, and R2. Deploy globally with a single command. No servers, no containers, no ops overhead.