Skip to Content
Overview

Synq

Synq is the identity layer for the modern internet. People get one durable profile across every app they use. Businesses get a fully branded sign-in experience they can drop into any product, without writing or maintaining the auth code under it.

If you are building a product where users sign in — with Google, Apple, X, Discord, Telegram, an email, a Solana wallet, or any combination — this is the documentation for you.

What Synq is

A full OpenID Connect issuer with:

  • A drop-in branded sign-in surface — your logo, colors, copy, domain. No “Powered by Synq” anywhere.
  • Multi-brand federation — one organization can carry many brands, each with its own sign-in surface and its own Bring-Your-Own OAuth credentials.
  • Multi-wallet by default. Linking a wallet is a signed message, never a transaction.
  • Webhooks, audit log, token gates, API keys, and a proper roles & permissions system.
  • A device authorization grant (RFC 8628) so CLIs and agents can sign in without embedding a browser.

If you have shipped against Auth0, Clerk, WorkOS, Supabase Auth, or Better-Auth, Synq will feel immediately familiar. The mental model is the same. The surface is OIDC-standard. The differences are detailed in the Migrating from another provider guides.

What Synq is not

It helps to be explicit:

  • Synq is not a wallet. Wallets stay where they are; Synq is the identity layer above them.
  • Synq is not a login widget. It is a real OIDC issuer. Anything that speaks the standard works: web, mobile, backend, CLI, agent.
  • Synq does not require a proprietary SDK to use. Our SDKs are a convenience. You can integrate with raw fetch and jose and everything will work.
  • Synq does not show a “Powered by Synq” badge on your sign-in surface. There is no upsell on the user-facing path.

How to read these docs

If you have ten minutes, read three things in order:

  1. Quickstart — register an app, get a working sign-in in your product, verify a token. Five focused minutes.
  2. Sessions and tokens — what you actually receive, what to do with it, when it expires, how to refresh.
  3. Organizations and Brands — the three-noun mental model. Five minutes.

If you have an hour, walk the Concepts section top-to-bottom. Every chapter is self-contained, but they build a coherent picture when read together. The chapters under API Reference then read like a comfortable bedtime story instead of a wall of routes.

If you have an SDK to write or an agent to ship, the SDKs and Guides sections are written so you can lift-and-shape the code samples into a working integration with minor edits.

A 60-second mental model

You create an Organization. Inside it, you create one or more Brands. A Brand owns its theming, its sign-in surface, its OAuth provider credentials, and its OIDC clients.

A Brand is the trust surface a user actually interacts with. When a user signs in, they see your brand on the consent screen, not Synq.

For each Brand, you register one or more Apps — OIDC clients in the spec’s language. A web app, a backend, a mobile app, an agent, a CLI: each is an App. Apps get a client_id and use the standard OIDC authorization_code, refresh_token, client_credentials, or device_code grants to obtain tokens.

The user receives an access token (RS256 JWT, audience = your brand’s slug) and an ID token (RS256 JWT, audience = your client_id). Your backends verify the access token against Synq’s JWKS endpoint, exactly like any other OIDC provider.

That is the whole model. The rest is detail.

A note on “for developers and their agents”

These docs are explicit about types, payload shapes, error codes, and edge cases — partly because that is good developer documentation, and partly because LLM agents writing integrations against Synq read this site as their source of truth.

Where a behavior is non-obvious, the docs name it. Where a section is useful for an agent to lift verbatim into code, the section is designed to be liftable. Where the “right” pattern differs from the “first pattern an LLM might try”, the docs say so.

If you are pasting these pages into an agent’s context window, that is exactly what they are written for.

Where to start

The dashboard for managing organizations, brands, apps, webhooks, and all the rest lives at dashboard.synq.id .

Last updated on