TryMellon
Passkeys without the rewrite — $79/mo flat

Add passkeys to your app. No migration. No MAU bills.

Two lines of HTML. One JWT to validate on your backend. No user model migration, no session rewrite — portable JWT (RS256) and data export API by design.
First 1,000 users free. 10,000 users at $79/mo — vs $220/mo Clerk, $735/mo Auth0.*

*Snapshot of publicly listed pricing for TryMellon, Clerk and Auth0 as of April 2026. See the pricing section for full disclaimer.

Read the docs
WORKS WITH
Next.jsSvelteReactVueAngularNode.js
STANDARDS
JWKSOIDC discoveryToken introspectionWebhook revocationCustom claims
Terminal
npm install @trymellon/js
index.html
<!-- Drop in your HTML — done -->
<script type="module"
  src="https://cdn.jsdelivr.net/npm/@trymellon/js/dist/ui/index.js">
</script>

<trymellon-auth
  app-id="your-app-id"
  publishable-key="cli_live_0123abcd..."
  mode="auto"
></trymellon-auth>

<script>
  document.querySelector('trymellon-auth')
    .addEventListener('mellon:success', async ({ detail }) => {
      // Send token to your backend → set your own session
      await fetch('/api/session', {
        method: 'POST',
        body: JSON.stringify({ token: detail.token }),
      });
    });
</script>

Experience TryMellon

Three authentication paradigms. One platform. Zero passwords.

WebAuthn-native registration and authentication. Phishing-proof, passwordless, bound to the user's device.

Wallet auth sequence (passkey)

Each hop is a real message between the device, TryMellon Cloud and your backend.

Svelte Flow
Request Response Local / internal Webhook

Enterprise Identity. Predictable Pricing.

Auth0 charges $735/mo for 10K users. Clerk charges $220/mo. TryMellon: $79/mo flat — with cross-device QR and AI agent credentials included.

The pricing examples on this page, including the "Cost for 10K Users" comparison row, are snapshots based on publicly available pricing pages for TryMellon, Clerk, and Auth0 as of March 2026. They are meant to illustrate the shape of costs for a typical B2B team evaluating passwordless auth vendors, not as a contractual quote for any provider. Each vendor may change prices, tiers, or discounts at any time, and your actual bill will depend on usage, region, and any custom agreements you sign. For TryMellon, the Starter, Growth, Scale, and Enterprise tiers described here are the default SaaS plans; the dashboard and docs always contain the most current details and should be treated as the source of truth.

Starter

Real product. Free up to 1,000 users. No credit card, no MAU surprises.

$0 forever
  • 1,000 users
  • Passkeys + session validation
  • Community support
Start building
Most Popular

Growth

B2B ticket: unlimited Webhooks and AI agents.

$79 /mo
  • Up to 10,000 users
  • Unlimited Apps
  • Unlimited Webhooks & AI agent onboarding
  • Entity Enrollment (Keys & Padlock)
  • Audit logs + Email fallback
  • Cross-device QR on up to 5 QR-enabled apps — 10,000 QR sessions/mo
  • Standard Support

Scale

Usage-based for teams that scale.

$159 /mo
  • Up to 100,000 users (metered beyond)
  • Unlimited Apps
  • Entity Enrollment (Keys & Padlock)
  • Cross-device QR on up to 10 QR-enabled apps — 100,000 QR sessions/mo
  • Priority support
  • GDPR data export & erase endpoints

Base $159/mo + metered per user above 100k.

Enterprise

Unlimited. Dedicated. Compliant.

Custom
  • Unlimited users & agents
  • Entity Enrollment (Keys & Padlock)
  • SLA + Dedicated Account Manager
  • Custom webhook SLAs
  • Custom legal contracts
Talk to us

Enterprise deals start with a 30-min call — email us to book.

$79/mo vs $735/mo. Same WebAuthn core. 9× less.

TryMellon is not a feature-limited tier — it ships cross-device QR, AI agent credentials, and zero-PII defaults at a price that makes Auth0 and Clerk look like a tax for the WebAuthn core you actually use.

FeatureTryMellonHankoClerkAuth0
Cost for 10K users (typical B2B tier)$79/moFree / Custom$220/mo$735/mo
Predictable B2B pricing (no per-MAU surprise bills)
AI agent onboarding (scoped credentials, no raw API keys)
Zero-PII defaults for B2B
Cross-device QR (sign in + add passkey from a trusted device, bridge domain included)
Entity Enrollment (Keys & Padlock)
Zero-dependency SDK (no transitive supply-chain exposure)

Feature snapshot as of April 2026. Competitor capabilities are based on their public documentation and may change — check each vendor's site before purchase.

Cross-device authentication with WebAuthn and QR

No mobile page? No problem. Use our bridge domain to add QR-based login in minutes — switch to your own domain later with zero migration.

1Your App (Desktop)2QR Code3TryMellon Bridge4User's Phone5Session Ready

Minutes to First Login

No /mobile-auth page to build. The SDK + bridge domain handles everything.

Secure by Default

WebAuthn passkeys on mobile. Session tokens, not passwords. Zero PII stored by default on our side.

Migrate Anytime

Switch to your own domain by changing one config value. No user re-registration.

Frequently Asked Questions

Read integration docs Try the demo

Already using Auth0, Clerk, or Cognito?

Here's the migration shape.

Import your existing users, send passkey enrollment links, and run both providers in parallel. No schema changes on your side and no forced re-authentication wall for your users.

Auth0 Clerk Cognito
Read the migration guide

NDJSON bulk import · enrollment link campaign · parallel-run pattern (no re-auth wall)

How it works

From npm install to first biometric login in one working session.

Passkey auth that plugs into your existing stack

TryMellon is a hosted WebAuthn backend and JavaScript SDK. Drop in the web component or call the SDK — either way your backend receives one JWT, validates it, and sets its own cookie. Your user model, your sessions, your database stay exactly as they are — Face ID, Touch ID, Windows Hello handled for you. B2B teams get multi-tenant isolation, zero-PII defaults, cross-device QR, and AI agent credentials out of the box. Predictable flat pricing instead of per-MAU surprises.

  1. 1

    Drop the web component (fastest path)

    <trymellon-auth app-id="…" publishable-key="cli_live_…"></trymellon-auth>

  2. 2

    Or use the SDK for custom UI

    client.signUp() / client.signIn() — full control over your own components.

  3. 3

    Validate one JWT on your backend

    GET /v1/sessions/validate with Authorization: Bearer <session_token>. Then set your own cookie or session — your stack, your rules.

  4. 4

    Onboarding platforms? Ship a hosted signup link

    @trymellon/js/platform → createSignupLink({ returnUrl }). The passkey ceremony runs under trymellonauth.com so RP ID is bound correctly, then the user returns to your app. Stripe Connect pattern — no iframes, no origin games.

Capability narratives

Scenarios below describe the SDK surface and expected impact, not individual customer deployments.

Capability narrative · B2B SaaS

B2B SaaS: cross-device auth without per-tenant work

Problem shape: Password-based login with inconsistent 2FA across customers; cross-device auth typically requires custom flows per tenant.

How the SDK addresses it: Install the SDK, enable the QR default bridge, and wire session validation to existing middleware — each tenant keeps its own user model.

Expected impact: Enabling cross-device auth for a new tenant becomes a config flag instead of an engineering project.

Capability narrative · AI platform teams

AI agents: scoped credentials without raw API keys

Problem shape: Secrets scattered across prompts and config files; rotating a leaked key means redeploying multiple agents.

How the SDK addresses it: Each agent calls POST /v1/onboarding/ai to self-provision scoped credentials; session tokens are validated on the backend before any action.

Expected impact: Incident response collapses to one revocation call instead of a prompt trawl and redeploy.

B2B Ready from Day 1

Scale without rewriting. Isolation and API-first already solved.

Multi-Tenancy out of the box

B2B ready from day one. Organization, member and role isolation already handled. Your customers create their own organizations; you just bill.

Organization → Projects → Apps

AI Agent Onboarding

Stop sharing raw API keys. Your AI agent hits POST /v1/onboarding/ai and provisions its own scoped credentials instantly. Built for the era of Autonomous Systems.

// Your AI agent does this automatically
POST /v1/onboarding/ai
{ "email": "bot@yourapp.com", "name": "My Agent" }
→ {
    "tenant_id":   "org_...",
    "client_id":   "cli_...",
    "client_secret": "sec_...",
    "publishable_key": "cli_live_...",
    "application_id":  "app_...",
    "limits": { "max_users": 15, "max_apps": 1 },
    "inactivity_purge_after_days": 7
  }

Deslizá para ver más

Event-Driven Architecture

Real-time Webhooks for Audit Logs, User behavior, and Custom B2B flows.

What your agents can do

One endpoint. Scoped credentials. Revocable in a click. Built for agents that should not carry raw API keys in their prompts.

Add TryMellon and get auth that works for humans and agents.

12345
  1. Step 1

    Agent gets credentials

    POST /v1/onboarding/ai → tenant_id, client_id, client_secret, publishable_key, application_id

  2. Step 2

    OAuth token

    POST /oauth/token with client_credentials → Bearer access_token (1h)

  3. Step 3

    Provision users

    POST /v1/users → external_user_id

  4. Step 4

    Allow origin

    PATCH /v1/applications/{application_id} → allowed_origins[]

  5. Step 5

    End users sign in

    Your app uses SDK → passkeys, no passwords

AI Agents guide

Security decisions you can document

Zero-PII defaults, scoped credentials for AI agents, and clear data ownership boundaries — designed so your compliance reviewer can map each control to a concrete implementation.

See it in action

Try a passkey flow right here. No account needed.

Try it now — no signup needed

This demo uses sandbox mode. Your passkey is not stored.

Uses your device's biometric or PIN. Nothing is stored.

  1. SDK initialized
  2. Challenge created
  3. Passkey ceremony
  4. Verify signature
  5. Session created

Passkeys in your app this sprint.

Drop in the web component, validate one JWT on your backend — no user model migration, no session rewrite. $79/mo flat, no per-MAU surprises.

Read Documentation

Free for up to 1,000 total users. No monthly active user limits. No credit card required.