Terms of Service
Last updated: July 2026
1. Acceptance of these terms
These Terms of Service (the “Terms”) govern your access to and use of auth.is (the “Service”). You accept these Terms when you create an account. Because auth.is is MCP-first, account creation happens the first time you connect the auth.is MCP server and sign in — at that point we record your acceptance (a terms_accepted_at timestamp on your account). If you do not agree to these Terms, do not create an account or use the Service.
2. Description of the service
auth.is is a multi-tenant hosted identity provider. Each team you create gets a standards-compliant OpenID Connect issuer on a *.auth.is subdomain, provisioned and configured conversationally through the MCP management surface. The Service includes the issuer endpoints (discovery, JWKS, authorization, token, and userinfo), federation to upstream identity providers, passkeys, and theming.
3. Accounts and acceptable use
You agree to use the Service lawfully and, in particular, not to:
- use the Service to authenticate or authorize activity that is illegal, fraudulent, or infringing;
- attempt to breach tenant isolation, access issuers or user pools that are not yours, or probe the Service outside our responsible-disclosure policy;
- disrupt, overload, or circumvent rate limits or other protections on the Service;
- resell or sublicense the Service in a way that misrepresents it as your own identity platform without authorization.
You are responsible for the applications you connect to your issuers, for the end users who authenticate through them, and for keeping your own account credentials secure.
4. Beta status and availability
The Service is provided during beta on an “as is” and “as available” basis. We do not offer a service-level agreement or uptime guarantee while in beta. Features may change, break, or be removed, and data formats may evolve. We will give reasonable notice before changes that require action on your part, but you should not yet rely on the beta Service for production workloads without your own contingency.
5. Limitation of liability
To the fullest extent permitted by law, auth.is is not liable for any indirect, incidental, special, consequential, or punitive damages, or for any loss of data, revenue, or profits, arising out of or related to your use of the Service. Because the Service is offered free of charge during beta, our aggregate liability for any claim relating to the Service is limited to the greater of the amount you paid us in the preceding twelve months (which, during beta, is zero) or, where applicable law requires a floor, the minimum that law allows. Nothing in these Terms limits liability that cannot be limited under applicable law.
6. Changes to these terms
We may update these Terms as the Service leaves beta or as our practices change. When we make material changes we will update the “Last updated” date above and, where appropriate, notify you. Continued use of the Service after an update means you accept the revised Terms.
7. Contact
Questions about these Terms? Email [email protected].