TryMellon
Passkeys & WebAuthn for B2B

TryMellon passwordless auth for B2B teams and autonomous systems

TryMellon gives your app passkeys and WebAuthn-based login for both human users and AI agents, without forcing you to rebuild your auth stack.
Passwordless for B2B SaaS and AI platforms, with zero-PII architecture and multi-tenant support from day one.

Read the Docs
COMPATIBLE WITH
Next.jsSvelteReactVueAngularNode.js
Terminal
npm install @trymellon/js
auth.ts
import { TryMellon } from '@trymellon/js';

// 1) Initialize client
const clientResult = TryMellon.create({
  appId: 'your-app-id',
  publishableKey: 'pk_live_...',
});

if (!clientResult.ok) throw clientResult.error;

const client = clientResult.value;

// 2) Authenticate user
const result = await client.authenticate({
  externalUserId: 'user_123',
});

// 3) Validate session on backend
if (result.ok) {
  console.log('Session Token:', result.value.sessionToken);
}

What your agents can do

Decentralized, anonymous auth—even for AI agents. One API that issues scoped credentials instead of raw keys, so you can rotate and audit them centrally.

Add TryMellon and get auth that works for humans and agents.

12345
  1. Step 1

    Agent gets credentials

    POST /onboarding/ai → tenant, client_id, publishableKey

  2. Step 2

    OAuth token

    Client credentials flow → Bearer token

  3. Step 3

    Provision users

    POST /v1/users → external_user_id

  4. Step 4

    Allow origin

    PATCH application → allowed_origins

  5. Step 5

    End users sign in

    Your app uses SDK → passkeys, no passwords

AI Agents guide

Production-Grade Auth Use Cases

Concrete flows for door access, wallets, pseudonymous IDs, and cross-device logins you can drop into your product.

Door access with passkeys

From a door terminal to a physical lock actuator secured by TryMellon.

Client / Wallet TryMellon Cloud Your Backend
Svelte Flow

Passwordless login, even without a camera

Scan a QR and sign in from your desktop using your phone’s Face ID. Zero friction.

The Old Way

Passwords, reset flows, 2FA apps. Friction at every step.

The Mellon Way

Scan a QR and sign in from your desktop using your phone’s Face ID. Zero friction.

Cross-device authentication with WebAuthn and QR

No mobile page? No problem. Use our bridge domain to add QR-based login in minutes — switch to your own domain later with zero migration.

1Your App (Desktop)2QR Code3TryMellon Bridge4User's Phone5Session Ready

Minutes to First Login

No /mobile-auth page to build. The SDK + bridge domain handles everything.

Secure by Default

WebAuthn passkeys on mobile. Session tokens, not passwords. Zero PII stored by default on our side.

Migrate Anytime

Switch to your own domain by changing one config value. No user re-registration.

Frequently Asked Questions

Read integration docs Try the demo

B2B Ready from Day 1

Scale without rewriting. Isolation and API-first already solved.

Multi-Tenancy out of the box

B2B ready from day one. Organization, member and role isolation already handled. Your customers create their own organizations; you just bill.

Organization → Projects → Apps

AI Agent Onboarding

Stop sharing raw API keys. Your AI agent hits POST /v1/onboarding/ai and provisions its own scoped credentials instantly. Built for the era of Autonomous Systems.

// Your AI agent does this automatically
POST /v1/onboarding/ai
{ "user_role": "agent", "email": "bot@yourapp.com" }
→ { "publishable_key": "pk_live_...", "app_id": "..." }

Deslizá para ver más

Event-Driven Architecture

Real-time Webhooks for Audit Logs, User behavior, and Custom B2B flows.

How it works

Four steps from zero to passwordless.

Passkeys and WebAuthn for B2B SaaS and AI platforms

TryMellon is a hosted backend and JavaScript SDK that adds passkey and WebAuthn login to your product without forcing you to rebuild authentication from scratch. B2B teams use it to get multi-tenant isolation, zero-PII defaults, and predictable pricing that scales with real usage instead of MAUs. The same APIs cover both human users and AI agents: frontends call the SDK, backends validate session tokens via HTTP, and you keep full control over sessions and user models in your own services.

  1. 1

    Install the SDK

    npm install @trymellon/js

  2. 2

    Create your app

    Dashboard → create app → add your origin → copy App ID and Client ID (publishable key).

  3. 3

    Register & authenticate

    Call client.register() or client.authenticate().

  4. 4

    Validate on your backend

    Send session_token to your backend; call TryMellon GET /v1/sessions/validate with Authorization: Bearer <session_token>; then set your own cookie/session.

Example scenarios

For B2B SaaS teams

Scenario: B2B SaaS adds cross-device auth in one sprint

Problem: A B2B SaaS vendor was stuck with password-based login and inconsistent 2FA across customers. Cross-device auth required custom flows per tenant and weeks of implementation time.

Solution: They installed the TryMellon SDK, enabled the QR default bridge for desktop logins, and wired backend validation to their existing session middleware. Tenants kept their own user models; TryMellon handled passkeys, WebAuthn, and device binding.

What changed: After rollout, login-related support tickets dropped and new tenants could enable cross-device auth by flipping a configuration flag instead of opening an engineering project. The team reports that auth changes now feel like configuration, not a rewrite.

For AI platform teams

Scenario: AI agents onboard without raw API keys

Problem: A team experimenting with AI agents had secrets scattered across prompts and config files. Rotating a leaked API key meant updating multiple agents and re-deploying workflows.

Solution: They used POST /v1/onboarding/ai to let each agent provision scoped credentials, and validated session tokens on their backend before running any action. Keys never lived inside prompts; agents simply requested tokens they could rotate centrally.

What changed: This reduced the surface for credential leaks and made incident response simpler: revoke or rotate a single set of scoped credentials, without trawling through prompts or redeploying agents.

Security you can explain to auditors

Zero-PII defaults, scoped credentials for AI agents, and clear data ownership boundaries—designed for B2B teams that live with compliance reviews.

See it in action

Try a passkey flow right here. No account needed.

Try it now — no signup needed

This demo uses sandbox mode. Your passkey is not stored.

Uses your device's biometric or PIN. Nothing is stored.

  1. SDK initialized
  2. Challenge created
  3. Passkey ceremony
  4. Verify signature
  5. Session created

Enterprise Identity. Predictable Pricing.

Per-MAU micro-charges penalize growth. We provide realistic, tiered infrastructure limits.

The pricing examples on this page, including the “Cost for 10K Users” comparison row, are snapshots based on publicly available pricing pages for TryMellon, Clerk, and Auth0 as of March 2026. They are meant to illustrate the shape of costs for a typical B2B team evaluating passwordless auth vendors, not as a contractual quote for any provider. Each vendor may change prices, tiers, or discounts at any time, and your actual bill will depend on usage, region, and any custom agreements you sign. For TryMellon, the Starter, Growth, Scale, and Enterprise tiers described here are the default SaaS plans; the dashboard and docs always contain the most current details and should be treated as the source of truth.

Starter

POCs and Sandboxes. Real passkeys, no credit card.

$0 forever
  • 1,000 human users
  • 10 AI Agents
  • Passkeys + session validation
  • Community support
Start building

For POCs and Sandboxes.

Most Popular

Growth

B2B ticket: unlimited Webhooks and AI agents.

$79 /mo
  • Up to 10,000 users
  • Unlimited Apps
  • Unlimited Webhooks & AI agent onboarding
  • Entity Enrollment (Keys & Padlock)
  • Audit logs + Email fallback + Cross-device QR
  • QR default domain included
  • Standard Support

Scale

Usage-based for teams that scale.

$159 /mo
  • Up to 100,000 users (metered beyond)
  • Entity Enrollment (Keys & Padlock)
  • Priority support
  • Data export API (GDPR)
  • Custom email branding
  • QR default domain included

Base $159/mo + metered usage above 100k.

Enterprise

Unlimited. Dedicated. Compliant.

Custom
  • Unlimited users & agents
  • Entity Enrollment (Keys & Padlock)
  • SLA + Dedicated Account Manager
  • SSO / SAML Integrations
  • Custom webhook SLAs
  • Custom legal contracts
Talk to us

Sales inquiries by email only.

Built for Scale, not MAU traps

One auth layer for humans and AI. Zero-PII, cross-device QR, and AI agent onboarding without raw API keys—with pricing that scales with real usage.

FeatureTryMellonClerkAuth0
Cost for 10K users (typical B2B tier)$79/mo$220/mo$735/mo
Predictable B2B pricing (no per-MAU surprise bills)
AI agent onboarding (scoped credentials, no raw API keys)
Zero-PII defaults for B2B
Cross-device QR auth (bridge domain included)
Entity Enrollment (Keys & Padlock)
Passkeys / WebAuthn
B2B multi-tenancy (orgs, apps, allowed origins)
Email fallback & device recovery
Event-driven webhooks & audit logs
User data report & deletion (GDPR)

Ready to go passwordless?

Join the future of authentication. Secure your users with biometrics in minutes.

Read Documentation

Free for up to 1,000 total users. No monthly active limits. No credit card required.

How we build

We build infrastructure for passwordless authentication, with a focus on B2B teams that need to ship quickly without compromising on architecture or security. Our goal is to let any product add passkeys and WebAuthn without reinventing the wheel—through a valid architecture, a security-first approach, and reliable SaaS delivery.