Add secure auth to agent-built products.
Let humans or agents create, deploy, bind, and operate authentication modules for web apps, APIs, databases, and agent runtimes from one persistent workspace.
Start now
Provision sign-up, sign-in, sessions, and user administration as a deployable ACP resource.
Create users, drive sign-up and sign-in flows, and inspect identity operations from the SDK.
Bind auth to web apps, databases, functions, secrets, and agent runtimes in the same workspace.
Deploy, inspect logs, review bindings, and manage auth behavior without leaving the resource surface.
Pricing
Authentication modules are the managed identity surface for product sign-up, sign-in, sessions, and user administration.
| Auth runtime | 0.1 CT / live minute Billed while the auth module stays deployed and available. |
|---|---|
| Build computer | Normal computer usage applies The computer that prepares auth configuration or source files keeps its own runtime pricing. |
| Connected resources | Normal resource usage applies Web apps, functions, databases, secrets, and agent runtimes keep their own pricing model. |
SDK functionality
The JavaScript and Python SDKs expose auth lifecycle, deployment, rollback, bindings, logs, analytics, runtime inspection, secrets, and user operations from one manager.
| Lifecycle | Create, list, get, update, and delete the resource through the product manager or the generic resources manager. |
|---|---|
| Deployments | Deploy, list deployment history, and roll back to a previous deployment from JavaScript or Python. |
| Invocation | Invoke live routes directly from the SDK for health checks, smoke tests, backend calls, and CI workflows. |
| Operations | Read analytics, request logs, runtime logs, runtime config, and deployed runtime state from one resource surface. |
| Bindings | List, create, update, and remove bindings to databases, auth modules, secrets, web apps, functions, and runtimes. |
| Files | List, read, write, upload, download, and delete files that belong to the deployed resource. |
| Secrets | List, create, read, update, and delete secrets scoped to the resource without checking values into source files. |
| Users | List users, create admin-controlled users, run sign-up, and validate sign-in flows directly from the SDK. |
How to set it up
Start from the workflow that fits the product: script auth infrastructure with the SDK, operate directly in Develop, or ask an agent to connect identity to the app it is building.
Via SDK
Create, deploy, inspect, bind, and administer users from JavaScript or Python when identity should be scripted.
On the platform
Create an Auth resource in Develop, connect databases, apps, functions, or secrets, and deploy from the UI.
By agent
Ask a project agent to add sign-up, sign-in, protected routes, user persistence, and deployment checks.
How to deploy
A deployment turns auth configuration in a computer or project workspace into a live identity service that product resources can trust.
| Prepare auth policy | Define session settings, password rules, claims, provider assumptions, and the routes the product needs. |
|---|---|
| Create the resource | Point the auth module at a source computer, source folder, and nodejs22 runtime. |
| Bind dependencies | Attach databases, web apps, functions, secrets, or agent runtimes that need to trust the auth module. |
| Deploy and verify | Deploy the module, invoke a health or JWKS endpoint, and run a sign-in smoke test before launch. |
| Document ownership | Record public routes, protected routes, required claims, and admin owner inside the project workspace. |
How to manage
Auth is an operational resource. Keep users, logs, bindings, runtime configuration, and deployment state visible so identity stays reliable as the product evolves.
| Users | List users, create admin-controlled accounts, run sign-up flows, and validate sign-in behavior. |
|---|---|
| Logs | Use request logs to debug failed sign-ins, provider issues, token validation, and dependency failures. |
| Analytics | Track auth traffic, request patterns, and operational behavior over time. |
| Bindings | Review connected web apps, functions, databases, secrets, and runtimes before making identity changes. |
| Runtime state | Inspect runtime configuration and files when an auth module was generated or modified by an agent. |