Early access · M2M Auth

Secure machine-to-machine
auth. Built for developers.

OAuth 2.0 Client Credentials as a service. One API call to get a signed JWT. No auth infrastructure to manage.

Read the docs →
token-request.js JavaScript
1
2
3
4
5
6
7
8
9
10
11
12
// Get a token
const res = await fetch('https://auth.authknox.com/token', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({
    grant_type:    'client_credentials',
    client_id:     'your_client_id',
    client_secret: 'your_client_secret',
    audience:      'https://api.yourdomain.com',
  }),
});
const { access_token } = await res.json();
Why AuthKnox

Auth done right.
Without the overhead.

Secure by default

Signing keys live in Google Cloud HSM and never leave the hardware boundary. Private keys are physically unextractable. Every token issuance is audit-logged with structured metadata.

Simple by design

One API call to get a token. Standard OAuth 2.0 Client Credentials flow. Works with any HTTP client in any language.

Built to scale

Serverless infrastructure. No cold starts on the auth path. EU and US regions. 99.9% uptime SLA.

How it works

Up and running fast.

No key management. No JWT libraries to configure. No infrastructure to provision.

01

Create an application

Register your service in the AuthKnox dashboard. Get a client ID and client secret.

02

Request a token

One HTTP POST to the token endpoint using the standard OAuth 2.0 Client Credentials flow. Returns a signed JWT.

03

Verify anywhere

Fetch the public key from the JWKS endpoint and verify the JWT signature, issuer (iss), audience (aud), and expiry (exp). Works with any RFC 7519-compliant library.

Get early access.

We’re onboarding teams in batches. Free plan includes 10,000 tokens/month — no credit card.