[ AUTHENTICATION ]

Sign in.
Leave no trail.

No passwords. No persistent IDs.
A different private identifier for every service
you use — so no one can track you across them.

Without ONLYauth

Nike u#12345

Vogue u#12345

Bank u#12345

Same ID everywhere. Traceable.

With ONLYauth

Nike 4f:2a:9c

Vogue 8c:1b:3e

Bank 2e:9d:7f

Different ID per service. Uncorrelatable.

[ HOW IT WORKS ]

Enter your email

We send a one-time code. Your email is hashed the moment it arrives — the readable version never touches a database.

Enter the six-digit code

Valid for 10 minutes. No password to remember. No account to create. Your inbox is the only proof required.

Private ID issued

A pairwise identifier — different for every service you use ONLYauth with. Rotatable. Revocable. Never shared between services.

[ FOR DEVELOPERS ]

Standard OIDC.
Drop-in privacy.

ONLYauth speaks standard OpenID Connect. Any service that already integrates OAuth can switch to ONLYauth — your users get pairwise privacy with no change to your integration code.

Request access ↗

Authorization endpoint

GET /auth
  ?client_id=your-service
  &response_type=code
  &scope=openid
  &redirect_uri=https://yourapp.com/cb
  &code_challenge=S256

Standard PKCE flow. No proprietary SDK required.

Sign in.Leave no trail.

Enter your email

Enter the six-digit code

Private ID issued

Standard OIDC.Drop-in privacy.

Sign in.
Leave no trail.

Standard OIDC.
Drop-in privacy.