Two lines of HTML. One JWT to validate on your backend. No user model migration, no session rewrite, no lock-in.
First 1,000 users free. 10,000 users at $79/mo — vs $220/mo Clerk, $735/mo Auth0.
npm install @trymellon/js<!-- Drop in your HTML — done -->
<script type="module"
src="https://cdn.jsdelivr.net/npm/@trymellon/js/dist/ui/index.js">
</script>
<trymellon-auth
app-id="your-app-id"
publishable-key="cli_live_0123abcd..."
mode="auto"
></trymellon-auth>
<script>
document.querySelector('trymellon-auth')
.addEventListener('mellon:success', async ({ detail }) => {
// Send token to your backend → set your own session
await fetch('/api/session', {
method: 'POST',
body: JSON.stringify({ token: detail.token }),
});
});
</script>Three authentication paradigms. One platform. Zero passwords.
WebAuthn-native registration and authentication. Phishing-proof, passwordless, bound to the user's device.
Each dot is a message hop between Wallet, TryMellon and your backend.
1M+
Passkey ceremonies executed
73+
Production-ready use cases
< 30 min
Median time to first login
"We cut our auth sprint from two weeks to two days. Cross-device QR was the deciding factor — no other vendor had it working out of the box."
"The flat pricing model made the business case trivial. We were paying Auth0 per MAU; now I can actually predict our auth bill."
"Our agents self-provision credentials via the API. One revocation call handles a leaked key across all agents. That alone justified the switch."
Auth0 charges $735/mo for 10K users. Clerk charges $220/mo. TryMellon: $79/mo flat — with cross-device QR and AI agent credentials included.
The pricing examples on this page, including the "Cost for 10K Users" comparison row, are snapshots based on publicly available pricing pages for TryMellon, Clerk, and Auth0 as of March 2026. They are meant to illustrate the shape of costs for a typical B2B team evaluating passwordless auth vendors, not as a contractual quote for any provider. Each vendor may change prices, tiers, or discounts at any time, and your actual bill will depend on usage, region, and any custom agreements you sign. For TryMellon, the Starter, Growth, Scale, and Enterprise tiers described here are the default SaaS plans; the dashboard and docs always contain the most current details and should be treated as the source of truth.
Real product. Free up to 1,000 users. No credit card, no MAU surprises.
B2B ticket: unlimited Webhooks and AI agents.
Usage-based for teams that scale.
Base $159/mo + metered per user above 100k.
Unlimited. Dedicated. Compliant.
Enterprise deals start with a 30-min call — email us to book.
TryMellon is not a feature-limited tier — it ships cross-device QR, AI agent credentials, and zero-PII defaults at a price that makes Auth0 and Clerk look like a tax.
| Feature | TryMellon | Hanko | Clerk | Auth0 |
|---|---|---|---|---|
| Cost for 10K users (typical B2B tier) | $79/mo | Free / Custom | $220/mo | $735/mo |
| Predictable B2B pricing (no per-MAU surprise bills) | ||||
| AI agent onboarding (scoped credentials, no raw API keys) | ||||
| Zero-PII defaults for B2B | ||||
| Cross-device QR auth (bridge domain included) | ||||
| Entity Enrollment (Keys & Padlock) | ||||
| Cross-device registration QR (add passkey from trusted device) | ||||
| Zero-dependency SDK (no transitive supply-chain exposure) |
No mobile page? No problem. Use our bridge domain to add QR-based login in minutes — switch to your own domain later with zero migration.
No /mobile-auth page to build. The SDK + bridge domain handles everything.
WebAuthn passkeys on mobile. Session tokens, not passwords. Zero PII stored by default on our side.
Switch to your own domain by changing one config value. No user re-registration.
Here's your weekend migration.
Import your existing users, send passkey enrollment links, run both in parallel. No schema changes, no user friction, no re-authentication wall.
NDJSON bulk import · enrollment link campaign · zero downtime
From zero to first biometric login in under 30 minutes.
TryMellon is a hosted WebAuthn backend and JavaScript SDK. Drop in the web component or call the SDK — either way your backend receives one JWT, validates it, and sets its own cookie. Your user model, your sessions, your database stay exactly as they are — Face ID, Touch ID, Windows Hello handled for you. B2B teams get multi-tenant isolation, zero-PII defaults, cross-device QR, and AI agent credentials out of the box. Predictable flat pricing instead of per-MAU surprises.
<trymellon-auth app-id="…" publishable-key="cli_live_…"></trymellon-auth>
client.signUp() / client.signIn() — full control over your own components.
GET /v1/sessions/validate with Authorization: Bearer <session_token>. Then set your own cookie or session — your stack, your rules.
For B2B SaaS teams
Problem: Password-based login with inconsistent 2FA across customers; cross-device auth required custom flows per tenant.
Solution: Installed the SDK, enabled QR default bridge, wired session validation to existing middleware — tenants kept their own user models.
What changed: New tenants enable cross-device auth via a config flag instead of an engineering project.
For AI platform teams
Problem: Secrets scattered across prompts and config files; rotating a leaked key meant redeploying multiple agents.
Solution: Each agent calls POST /v1/onboarding/ai to self-provision scoped credentials; session tokens validated on the backend before any action.
What changed: Incident response is one revocation call instead of a prompt trawl and redeployment.
Scale without rewriting. Isolation and API-first already solved.
B2B ready from day one. Organization, member and role isolation already handled. Your customers create their own organizations; you just bill.
Organization → Projects → Apps
Stop sharing raw API keys. Your AI agent hits POST /v1/onboarding/ai and provisions its own scoped credentials instantly. Built for the era of Autonomous Systems.
// Your AI agent does this automatically
POST /v1/onboarding/ai
{ "user_role": "agent", "email": "[email protected]" }
→ { "publishable_key": "cli_live_...", "app_id": "..." }Deslizá para ver más
Real-time Webhooks for Audit Logs, User behavior, and Custom B2B flows.
One endpoint. Scoped credentials. Revocable in a click. Built for agents that should not carry raw API keys in their prompts.
Add TryMellon and get auth that works for humans and agents.
Agent gets credentials
POST /onboarding/ai → tenant, client_id, publishableKey
OAuth token
Client credentials flow → Bearer token
Provision users
POST /v1/users → external_user_id
Allow origin
PATCH application → allowed_origins
End users sign in
Your app uses SDK → passkeys, no passwords
Zero-PII defaults, scoped credentials for AI agents, and clear data ownership boundaries—designed for B2B teams that live with compliance reviews.
User identity is tied to cryptographic keys, not emails or passwords. You can build B2B auth flows without storing names or emails on our side.
Your AI agents self-provision via POST /v1/onboarding/ai, receiving scoped credentials instead of raw API keys. You can rotate, revoke, and audit them without editing prompts or agents.
You keep control of your users and logs. When you export or delete data via our APIs, PII is removed on our side and you can plug the exports into your own data warehouse or SIEM.
Try a passkey flow right here. No account needed.
This demo uses sandbox mode. Your passkey is not stored.
Uses your device's biometric or PIN. Nothing is stored.
Drop in the web component, validate one JWT on your backend — done in 30 minutes. $79/mo flat. No migration. No per-MAU surprises.
Free for up to 1,000 total users. No monthly active user limits. No credit card required.