Own Your Auth

INFRASTRUCTURE

Make Better Auth enterprise ready

Better Auth is the open-source authentication framework that runs entirely on your server. Infrastructure connects with a single plugin, giving you a complete admin dashboard, threat detection, enterprise SSO, audit logs, email and SMS templates, and more.

14 days free trial. No credit card required.
acme.better-auth.build

// dashboard

See everything. Control everything.

One interface to manage your entire auth system.

features.config
users

User Management

Create, update, suspend, and impersonate users from one place

sessions

Sessions

View active sessions, revoke access remotely, and manage devices

orgs

Organizations

Create workspaces, invite members, and assign role-based permissions

accounts

Account Linking

Connect social logins, manage credentials, and handle recovery flows

* included in all plans

// security

Stop threats before they start.

11 layers of protection. Block, challenge, or monitor. Zero security code to write.

blockedchallengedallowed

IP Address Lookup

Enter IP address...

IP: 192.168.42.103

Events: 12
Users: 1
First seen: 5d ago
Last seen: 2h ago

Resolved Users (1)

J

john_doe

j***@example.com

9active
<50msdetection
99.9%accuracy

Attack Prevention

Block malicious actors before they breach your system.

Bot detection

Identifies malicious bots, preventing potential security threats

Block

Brute force protection

Detect repeated failed login attempts to prevent unauthorized access

Block

Breached password

Blocks passwords known to have been compromised in data breaches

Allow

Impossible travel

Detect login attempts from different locations within an unreasonably short timeframe

Allow

Rate Limiting

Control traffic flow and prevent abuse at scale.

Velocity limiting

Rate limit sign-ups, sign-ins, and password resets to prevent abuse

Challenge

Geo blocking

Restrict access based on geographic location using country allow/deny lists

Disabled

Suspicious IPs

Identify suspicious IPs activity and either detect and allow or prevent the threat

Allow

Free trial abuse

Prevent users from creating multiple accounts to abuse free trials

Disabled

Account Protection

Keep accounts secure and communications clean.

Stale users

Automatically deactivates inactive user accounts to reduce security risks

Allow

Email validity check

Verify emails have valid MX records and block temporary/disposable email addresses

Block

Email abuse protection

Rate limit emails sent to the same address to prevent spam and abuse

Block

Security Events

Live
ActionIdentifierReasonTime
Blocked

hetag69540@gxuzi.com

79.226.146.88

Disposable Email2 days ago
Blocked

kv05@yopmail.com

125.16.89.198

Disposable Email3 days ago
Blocked

fejypa@gmm.com

141.8.64.27

No MX Records5 days ago
Blocked

peter@pan.com

217.155.189.65

No MX Records6 days ago

All security features included in every plan. No premium tiers.

Zero-config defaults
Instant alerts

// audit logs

Know exactly what's happening.

Every event on your auth instance, logged, searchable, and exportable. Debug issues in seconds.

Every event captured

Sign-ins, password changes, session creates, org updates, and more

Per-user timeline

Debug any user's complete auth history

Session visibility

Devices, IPs, locations. Revoke with one click

Search & filter

By user, event type, date range, or IP address

Log Drains

Your infrastructure
Enterprise customers
DatadogSplunkS3HTTP
Search...
All Events
Date range
EventUserIP AddressTime
User Signed In
Sarah Chen142.251.46.1742 min ago
Session Created
Sarah Chen142.251.46.1742 min ago
User Created
Marcus Rivera203.0.113.4218 min ago
Account Linked
Emily Watson51.142.98.1234 min ago
Session Revoked
James Park104.28.39.971 hr ago
30 days retentionExport CSV/JSON
SOC 2 + GDPR compliant

// enterprise features

Self-serve SSO, directory sync & audit logs.

Let customers configure their own SSO. SCIM-based directory sync keeps users in sync. Fetch audit logs programmatically through our SDK.

Self-serve SSO setup IT admins configure SSO themselves
Directory sync SCIM keeps users automatically synced
Audit logs API Fetch logs via SDK for compliance
Event streaming Drain to Splunk, Datadog, or your SIEM
Acme Corp

Select identity provider

Okta
Entra
Google
SAML
pendingExpires in 7 days
https://infra.better-auth.com/setup/sso/ak7x9f2...
Real-time sync • SOC 2 compliant
Self-serve SSO setup linksSCIM 2.0 directory syncFetch audit logs via SDKAny SAML 2.0 or OIDC provider

// email & sms

Transactional email and SMS, handled.

Every auth flow needs messaging. Verification emails, OTP codes via SMS, password resets, invites. All branded, all tracked, all protected from abuse.

templates/
Verify Emailemail
Reset Passwordemail
OTP Codesms
Org Invitationemail
+ more based on your config

Email

ManagedResendSendGridSES

SMS

ManagedTwilio

Verify your email

to: user@example.com

A

Verify your email

Click the button below to verify your email address and activate your account.

This link expires in 10 minutes.

Markdown supportededit template →

Your brand everywhere

Logo, colors, button styles for email. Custom sender ID for SMS. Users see you, not us.

Bring your own provider

Resend, SendGrid, AWS SES for email. Twilio for SMS. Or use our managed delivery.

Rate limits and spam checks

Per-user and per-IP limits. Automatic spam filtering. Keep your sender reputation clean.

activitylive

127

sent today

99.2%

delivered

0

bounced

Markdown editor with live previewDelivery logs for every messageLight + dark email themesTemplates sync with your auth config

The entire setup

Install the package, add one plugin to your existing Better Auth config. That's the whole integration.

No config filesNo env setupWorks instantly
npm i @better-auth/infra
auth.ts
import { dash } from "@better-auth/infra"

export const auth = betterAuth({
  plugins: [dash()]
})

Ship enterprise-ready Better Auth
in minutes

Own your auth without compromising on enterprise features and security.

14 days free. No credit card required.