Blog

Contact Us

Rownd

Documentation

SDK Reference

API Reference

Dashboard

Website

Overview

Rownd Security

Introduction

Welcome to Rownd

Getting started

Flee static sign-in and move to Rownd with ease

Auth0

Migrating from Auth0

Cognito (AWS)

Migrating from AWS Cognito

Firebase

Migrating from Firebase Authentication

The Rownd platform gives everything you need to add customizable authentication to your product

Configuration

Rownd applications connect to your product(s) to provide Rownd authentication to your users.

Applications

Configure what sign-in methods are used in your app and websites

Authentication methods

Email-based Authentication with Rownd Sign-in Links offers a secure and user-friendly way for users to access their accounts on your website and mobile apps.

Email

Email sign-in

Phone / SMS

Sign in with SMS / Phone Number

Apple ID

Sign in with Apple

Turn on the Google authentication method to allow users to sign in with their Google accounts on your website and mobile apps.

Google

Sign in with Google

Enable passkey authentication to provide a secure and seamless sign-in experience for users with passkey-enabled devices.

Passkeys

Sign in with Passkeys

Guests / Anonymous users

Sign in as guest

Unverifeid user sign-in with email or phone

Unverified Users

Existing authentication

Validating third-party authenticators

Configure mobile apps in Rownd with ease.

Mobile app configuration in the platform

Preparing Rownd to work with your iOS app

iOS configuration

Preparing Rownd to work with your Android app

Android

Android configuration

Learn how app keys work with Rownd code snippets, SDKs, and APIs.

App credentials

Customize Rownd UI elements to match your brand and style

Global style

Customize the content and style of Rownd sign-in and verification emails

Email customization

Sub-brands allow you to manage users across all your varying apps, websites and products

Sub-brands

The Rownd platform gives everything you need to add instant sign in and profiles to your app

User Accounts

User profiles widget

The Rownd Hub and User profiles

Platform users table

Progressive profiles

User groups

Streamline your sign up experience with Rownd automaitions.

Automations overview

Encourage user sign in with customized prompts.

Sign in prompts

Rownd offers a growing list of integrations with other cloud services, CRMs, and more. Here's a list of the integrations we currently support.

Firebase Authentication

Airtable

Hubspot

MailerLite

Token validator

Run your own logic when data changes within Rownd

Webhooks

Integrate Rownd with NEAR blockchain to provide secure wallet management and user-friendly wallet interactions for your users.

Overview for NEAR integration

Rownd Integration with NEAR

Examples

Your account is created when you sign into Rownd for the first time.

Account

Give team members access to co-manage aspects of your Rownd account.

Teams

To prevent credential hijacking, Rownd recommends that customers set their list of allowed domains

Domain allow-listing

Suspicious IP throttling

Rownd SDK Overview

Mobile SDK Overview

Flutter

React Native

Expo

Web SDK Overview

API Reference for the Rownd Javascript API

Javascript API Reference

JavaScript

HTML Hooks

React / Next.js

Angular

Easily add Rownd instant accounts and authentication to your Vue-based project.

Add Rownd to your WordPress site with a simple plugin

WordPress / WooCommerce

Ruby on Rails

Backend SDK Overview

Node.js

Integrate Rownd instant accounts and authentication into your Django-backed project.

Django (Python)

.NET Core

Retrieve the current JWK set that validates Rownd-issued tokens

Retrieve Rownd JWK set

Retrieve OIDC configuration

Create a magic link

Insert or update user profile data

Retrieve a user profile

Update / patch user profile data

Delete a user profile

List user profiles

Retrieve the value of one field in a user profile

Retrieve one field from a user profile

Update the value of one field in a user profile

Update one field in a user profile

Get sample user profile data

Groups overview

Create a group

Retrieve a group

Update a group

Delete a group

Platform API for listing all groups belonging to an app

List groups

Create a group invite

Platform API for retrieving a group invite

Retrieve a group invite

Update a group invite

Delete a group invite

List group invites

Platform API for creating a member within the group. You can create a member by providing a user
ID or a user lookup value like an email address or phone number. The first member created within
a group will automatically be assigned the `'owner'` role.


Create a group member

Platform API for retrieving a group member

Retrieve a group member

Update a group member

Delete a group member

List group member

Update user profile data

User-facing API for creating a new group. The callee is automatically added with the `"owner"` role.


User-facing API for creating a group invite. An invite can be created for a user by providing
their `user_id`, `email`, or `phone`. Once accepted, the user will be added as a member within
the group and be assigned the roles specified in the invite.


User-facing API for retrieving a group invite

User-facing API for updating a group invite

User-facing API for deleting a group invite

User-facing API for listing group invites

User-facing API for creating a group member

User-facing API for retrieving a group member

User-facing API for updating a group member

User-facing API for deleting a group member

User-facing API for listing group members

Feature	Attack signal/vector	How it works
Suspicious IP Throttling	Rate of sign in attempts from a client.	Automatically throttles clients that try to sign up or sign in too quickly. Also automatically de-duplicates emails and text messages from similar sign-in attempts to reduce costs.
Brute Force Protection	N/A	Passwordless means reduced risk of brute-force attacks.
Passwordless Sign-in	Breached passwords	Passwordless means no breached passwords.
Domain Allow-listing	Credential hijacking	Rownd provides a domain allow-list option, creating a critical extra layer of security. Every customer should use this in production.
Data Encryption	In-transit data capture	Rownd uses encryption in databases and adheres to state-of-the-industry best practices, such as SSL, database encryption, and other techniques to secure user data.

Welcome

Configuration

Administration

Security

Rownd Security

Why passwordless matters

Preventing fake users, phishing, and breaches

Welcome

Configuration

Administration

Security

​Why passwordless matters

​Preventing fake users, phishing, and breaches

Why passwordless matters

Preventing fake users, phishing, and breaches