Pricing & Features for SuperTokens

Session Management

Create, verify, refresh & revoke sessions

Follows all session best practices like using httpOnly cookies

Prevents common session vulnerabilities like session fixation, CSRF or brute force attacks

Detects session hijacking using rotating refresh tokens

Optimal performance - session verifications < 1 MS

Automatic JWT signing key rotation, without logging users out

Ability to get all sessions given a user ID

Reading session data on the frontend, securely

Manipulation of session and JWT payloads

Anton Mladenov

Engineer @hi.health

Wow this is insane! I literally spent 5 min of copy-pasting React stuff and now I can see the auth page…so, at this point I should consider the frontend auth already set up?

If that’s true, then ST is just magical.

Anuj Chabbria

Cofounder @Report Card

Supertokens is our guardian angel. We’re able to secure multiple assets with one library, providing the most seamless and secure experience for our users. Kudos to the Super team!

Gus Fune

CTO @OffScriptHQ

We also moved @OffScriptHQ this week from @auth0 to @supertokensio . As a way to give back we will open source our code and document how other people can use @supertokensio with @HasuraHQ . Stay tuned! #foss #auth

Brandon Bayer

Founder @Blitz.js

I' m SO excited to finally ship built-in authentication in @blitz_js !!! Including design, we've been working on this for over 4 months! Thank you to @rishpoddar for being the genius behind our auth!!! Check out his company @supertokensio for framework agnostic session management

Fares Siddiqui

Founder @Circadia

We were using AWS Cognito and storing sensitive identity tokens on the frontend. SuperTokens secured our user accounts and patient data, and built an integration for our custom setup

Stephano Paraskeva

Full Stack Engineer @IMG ARENA

SuperTokens brings with it, what money can’t buy - trust and transparency. I use SuperTokens in all of my projects because I’m able to control where and how SuperTokens works within my apps, allowing for more granular control over my authentication

SuperTokens

Auth0

AWS Cognito

Keycloak

Firebase

Pricing

$$ / Free

$$$$

$$$

Free

Based on 200+ respondents -
shared feedback on the
product's documentation,
unsolved issues / bugs,
and general 'ease of use')

User Satisfaction

High

Users complaint about pricing
once they grow from a startup
to a growth company

Medium

Low

High

UI and backend customisability

High

Medium

Low

Size of the company offering services

Startup

Enterprise

Backed by enterprise

Enterprise

Response times,
Methods of support, etc

Company provided support for free tiers

High

Auth0 provides premium
support for large contract
values

Low

None

Medium

Self Hostable

Yes

It can be done on your own
infrastructure but managed
by Auth0

Yes

Open Source

Yes

Managed Service

Yes

Supported Cloud Providers

All

AWS

All

GCP

Compliance (SOC2, GDPR...

Yes

Self hosted - so not required

Yes

User management
dashboard

Yes

Passwordless login (email + phone no)

Yes

Experimental magic link and no SMS

Yes

Social and Email Password login

Yes

Custom Open ID connector

Yes

Yes
(Enterprise Tier)

Yes

SAML Login

Yes

Yes
(Essential Tier)

Yes

Being an OAuth 2.0 provider

In Progress

Yes

External Database

Yes
(Essential Tier)

SLA guarantees

Yes

Not known

Single sign on

Only across sub domains

Partial

Yes

2FA

No authenticator app
support

Partial

Yes

Partial
(Only SMS)

Roles and permissions

Yes

Web3 login

Yes

Machine to machine

Partial (only using JWT)

Yes

Partial (only using JWT)

Multi tenancy

Yes

But limit to 4 tenants
for custom domain

Yes

Cookie based session management (Out of the box)

Yes

Customise Emails and SMS

Yes

Emails: Yes, SMS: It does not send SMS at all. You need to use custom hook to send SMS yourself.

Partial

Only via custom email hook or SMS handler

Partial

Detailed Comparison

Our Pricing Philosophy

Our philosophy is inspired by Gitlab’s buyer-based model and by Enterprise Ready. This essentially states that features will be tiered according to the profile of the user that would require those features. Additionally, we would monetize features that would be required by people in roles such as: IT operations, management and executive teams, product managers and customer support agents.

Our product tiers will be categorised into the following:

1. Developer
2. Starter
3. Growth
4. Ultimate.

Developer tier  💻
The developer tier would be free and everything that an individual developer or small team of developers would require for their web application would be in this tier.

Starter plan  🌱
The starter plan would cater to formal startups in the early stages of their journey. It would have a minimal price point (under $50 / month).

Growth tier  🚀
The growth tier refers to startups that have found product market fit and where the business is scaling and growing.

Ultimate plan  🏛️
The Ultimate plan would be for established businesses which have achieved significant scale and revenue.

While deciding which tier a feature should go into, we would essentially add it to the lowest tier where the majority of users in that tier would require it. If there is a feature that would be required by the majority of developers, we would add it to that tier.

However, if a feature is not required by early stage startups but by the majority of growth companies and “Ultimate” companies (enterprises), then we would add the feature in the Growth tier.

How would you like to run SuperTokens?

Features

Detailed Comparison

Our Pricing Philosophy

Still not sure?