auth.is

Terms of Service

Last updated: July 2026

auth.is is in beta; these terms are a working draft and will be finalized before general availability. We may revise them as the product matures — nothing here is intended as final legal boilerplate, and material changes will be announced.

1. Acceptance of these terms

These Terms of Service (the “Terms”) govern your access to and use of auth.is (the “Service”). You accept these Terms when you create an account. Because auth.is is MCP-first, account creation happens the first time you connect the auth.is MCP server and sign in — at that point we record your acceptance (a terms_accepted_at timestamp on your account). If you do not agree to these Terms, do not create an account or use the Service.

2. Description of the service

auth.is is a multi-tenant hosted identity provider. Each team you create gets a standards-compliant OpenID Connect issuer on a *.auth.is subdomain, provisioned and configured conversationally through the MCP management surface. The Service includes the issuer endpoints (discovery, JWKS, authorization, token, and userinfo), federation to upstream identity providers, passkeys, and theming.

3. Accounts and acceptable use

You agree to use the Service lawfully and, in particular, not to:

  • use the Service to authenticate or authorize activity that is illegal, fraudulent, or infringing;
  • attempt to breach tenant isolation, access issuers or user pools that are not yours, or probe the Service outside our responsible-disclosure policy;
  • disrupt, overload, or circumvent rate limits or other protections on the Service;
  • resell or sublicense the Service in a way that misrepresents it as your own identity platform without authorization.

You are responsible for the applications you connect to your issuers, for the end users who authenticate through them, and for keeping your own account credentials secure.

4. Beta status and availability

The Service is provided during beta on an “as is” and “as available” basis. We do not offer a service-level agreement or uptime guarantee while in beta. Features may change, break, or be removed, and data formats may evolve. We will give reasonable notice before changes that require action on your part, but you should not yet rely on the beta Service for production workloads without your own contingency.

5. Limitation of liability

To the fullest extent permitted by law, auth.is is not liable for any indirect, incidental, special, consequential, or punitive damages, or for any loss of data, revenue, or profits, arising out of or related to your use of the Service. Because the Service is offered free of charge during beta, our aggregate liability for any claim relating to the Service is limited to the greater of the amount you paid us in the preceding twelve months (which, during beta, is zero) or, where applicable law requires a floor, the minimum that law allows. Nothing in these Terms limits liability that cannot be limited under applicable law.

6. Changes to these terms

We may update these Terms as the Service leaves beta or as our practices change. When we make material changes we will update the “Last updated” date above and, where appropriate, notify you. Continued use of the Service after an update means you accept the revised Terms.

7. Contact

Questions about these Terms? Email [email protected].

Terms · auth.is