Quantum-Native IAM

Quantum-Safe Identity Platform

Replace Auth0 and Keycloak with a modern IAM platform built for the quantum era. SSO, passkeys, MFA, federation, SCIM — with post-quantum JWT tokens signed by ML-DSA-65. Unlimited users, EU hosted.

Start Free Talk to Sales

QuantumAPI Dashboard — vault entries, encryption keys, compliance score, and team management

FIPS 203/204

NIST Standards

Auth Methods

∞

Unlimited Users

EU Frameworks

🇪🇺

EU Hosted

Every Way to Authenticate

12 connection types from passwords to passkeys. Let your users sign in the way they prefer.

QuantumAPI login page — sign in with quantum-safe authentication

QuantumAPI registration page — create an account

Single Sign-On

One login for all your apps. Full OIDC + SAML 2.0 provider with Authorization Code + PKCE, client credentials, and refresh token flows.

Passkeys & WebAuthn

Phishing-resistant passwordless login with Face ID, Touch ID, Windows Hello, or FIDO2 security keys. No passwords to steal.

Email Magic Links

One-click passwordless login via email. 15-minute single-use tokens, encrypted in QuantumVault, with customizable email templates.

SMS OTP

6-digit codes via text message with E.164 phone validation, rate limiting (3/hour), and attempt tracking. Scaleway TEM or Twilio.

Federation (OIDC + SAML)

Connect Entra ID, Okta, Google Workspace, GitHub, or any OIDC/SAML 2.0 provider. JIT provisioning and claim mapping included.

LDAP / Active Directory

Agent-based connector for on-premises AD/LDAP. Credentials never leave your network. WebSocket tunnel with heartbeat monitoring.

Security That Goes Beyond Passwords

Post-quantum cryptography, adaptive risk assessment, and bot detection — all built in.

Security settings — bot detection with hCaptcha, IP allowlist configuration

Post-Quantum JWT Tokens

JWT tokens signed with ML-DSA-65 (FIPS 204). QRNG entropy from real quantum hardware (Quantum Blockchains). Future-proof against harvest-now-decrypt-later attacks.

Multi-Factor Authentication

TOTP (Google Authenticator, Authy), WebAuthn passkeys, email magic links, SMS OTP, and single-use backup codes. Enforce per tenant or per user.

Bot Detection (hCaptcha)

GDPR-friendly hCaptcha integration. Always on for registration, adaptive for login (triggers after 3 consecutive failures). No Google dependencies.

Conditional Access

Risk-based authentication policies. Block or require MFA based on IP range, geolocation, device trust, time of day, or custom rules.

Device Trust & Sessions

Trusted devices skip MFA for 30 days. Full session management with geo-IP tracking, concurrent limits, and one-click revocation.

Enterprise-Ready from Day One

Custom domains, SCIM provisioning, compliance dashboards, and migration tools — no enterprise add-on required.

Identity Federation — add OIDC providers like Entra ID for SSO

Team management — members, roles, MFA status, and permissions

SCIM 2.0 Provisioning

Automated user and group provisioning per RFC 7643/7644. Connect Okta, Entra ID, or any SCIM-compatible directory.

Custom Auth Domains

Use your own domain for login pages (login.yourcompany.com). Automatic DNS verification and TLS provisioning via Let's Encrypt.

Bulk User Import

Import users from CSV, Auth0 JSON, or Keycloak realm exports. Legacy password hashes (bcrypt, PBKDF2, scrypt) re-hashed to Argon2id on first login.

Actions & Webhooks

Trigger webhooks on pre-login, post-login, registration, and token exchange events. Inject custom claims or deny access with HMAC-signed payloads.

Log Streaming

Stream authentication logs in real time to Splunk, Datadog, or custom webhooks. Built for SIEM integration and real-time alerting.

Compliance Dashboard

Automated posture assessment for GDPR, NIS2, DORA, and eIDAS 2.0. Actionable recommendations to close compliance gaps.

Up and Running in Minutes

Integrate QuantumID with any app using standard OIDC. No proprietary SDKs required.

OIDC Application — client credentials, redirect URIs, scopes, and environment configuration

Create an Application

Configure OIDC

Point your app to our OIDC discovery endpoint. Enable PKCE, choose scopes (openid, profile, email).

Add Auth Methods

Enable passkeys, magic links, federation, MFA — any combination you need. One toggle each.

Go Live

Your users sign in via our hosted login page or your custom domain. PQC tokens issued automatically.

Integrate in 10 Lines of Code

Standard OIDC means any library works. No vendor lock-in, no proprietary SDK required.

Works with any OIDC-compliant library (oidc-client-ts, next-auth, passport.js)
Authorization Code + PKCE enforced by default — no implicit flow vulnerabilities
React, Next.js, Vue, Angular, mobile, or server-side — your choice
Optional @quantumapi/react SDK with <QuantumLogin /> components (coming soon)

app.ts

import { UserManager } from 'oidc-client-ts'

const config = {
  authority: 'https://auth.quantumapi.eu',
  client_id: 'your-app-id',
  redirect_uri: window.location.origin + '/callback',
  scope: 'openid profile email',
}

const userManager = new UserManager(config)

// Sign in with Authorization Code + PKCE
await userManager.signinRedirect()

// Handle callback
const user = await userManager.signinRedirectCallback()
console.log('Signed in:', user.profile.email)

Built for Every Team

From startups to enterprises, QuantumID scales with your needs.

Enterprise

Centralize identity across all applications with SSO, federation, and compliance.

Entra ID, Okta, and SAML 2.0 federation
SCIM 2.0 automated user provisioning
Custom auth domains (login.yourcompany.com)
GDPR, NIS2, DORA, eIDAS 2.0 compliance dashboard

Startup

Launch faster with built-in auth. No Auth0 bills that grow with your users.

Unlimited users — we never charge per seat
Social logins (Google, GitHub, Apple, Microsoft)
Passwordless: passkeys, magic links, SMS OTP
Hosted login page with custom branding

Migration

Switch from Auth0, Keycloak, or any OIDC provider with zero-downtime tools.

Bulk import from CSV, Auth0 JSON, Keycloak JSON
Legacy hash support (bcrypt, PBKDF2, scrypt, Argon2)
Lazy migration — users migrate on first login transparently
Migration progress dashboard with real-time tracking

See How We Compare

QuantumID vs. traditional identity providers — feature by feature.

Feature	Auth0	Keycloak
Single Sign-On (OIDC)
OIDC Provider
SAML 2.0 Federation
Multi-Factor Auth
Passkeys / WebAuthn		Plugin
Email Magic Links
Post-Quantum JWT Tokens
SCIM 2.0 Provisioning	Enterprise only	Plugin
LDAP / AD Connector	Enterprise only
Custom Auth Domains	Enterprise only	Self-host
Bot Detection (CAPTCHA)	reCAPTCHA
Conditional Access Rules	Enterprise only	Limited
EU Data Residency		Self-host
GDPR Compliant	Partial	Self-manage
Unlimited Users	Per-seat

QuantumID vs Auth0 QuantumID vs Keycloak

Built for EU Compliance

Automated compliance posture assessment for four major European regulatory frameworks.

GDPR

Data processing records, consent tracking, right to erasure, and data portability — built into every tenant.

NIS2

Incident reporting readiness, access audit trails, and security measures aligned with the NIS2 directive.

DORA

Digital operational resilience metrics, ICT risk management, and regular testing for financial sector compliance.

eIDAS 2.0

EU Digital Identity Wallet readiness with W3C Verifiable Credentials signed using quantum-safe ML-DSA-65 signatures.

Unlimited Users, Usage-Based Pricing

We charge for storage and API calls — never per user. Scale your team without watching the bill grow.

View Plans

Ready to Upgrade Your Identity?

Start free and migrate when you're ready. No credit card required.

Create Free Account