Broker, not provider. Auth that stays out of your UI.
Most auth solutions own your sign-in UI. Clowk brokers the authentication between your app and OAuth providers through a redirect flow — no embedded forms, no iframes, no frontend lock-in.
npm install @clowk/sdkWhy Clowk
Everything auth needs. Nothing extra.
Clowk brokers authentication between your app and OAuth providers. Your app controls its own buttons and pages — Clowk handles the rest.
No embedded UI
Clowk handles the entire auth flow on its own domain. Your app just redirects and receives a JWT back — no forms, no iframes in your DOM.
Every stack
SDKs for React, Next.js, Express, Hono, and Rails. The @clowk/core package is runtime-agnostic — Node.js, Bun, Deno, Workers.
Multi-provider
Google, GitHub, and Twitter OAuth out of the box, plus email/password. Add providers without touching your app code.
Security by isolation
Credentials and OAuth tokens never touch your app's DOM. The auth flow happens entirely on the Clowk domain, returned as a signed JWT.
Multi-tenant
One Clowk instance, unlimited apps. Each app gets its own keys, OAuth callbacks, and user namespace.
Free forever
Free plan with everything you need to ship. PRO plan available for teams that need more. No per-MAU billing, ever.
Integrate in minutes
From zero to auth in 5 lines
Works with your existing stack. No new abstractions to learn.
# Gemfile
gem 'clowk'
# config/initializers/clowk.rb
Clowk.configure do |config|
config.publishable_key = ENV['CLOWK_PUBLISHABLE_KEY']
config.secret_key = ENV['CLOWK_SECRET_KEY']
end
# config/routes.rb
Rails.application.routes.draw do
mount Clowk::Engine => '/clowk'
end
# app/controllers/dashboard_controller.rb
class DashboardController < ApplicationController
before_action :authenticate_clowk!
def index
@user = current_clowk
# => { id: 'usr_...', email: 'user@example.com',
# name: 'Alice', provider: 'google' }
end
endNeed more detail? Read the docs →
SDKs
One broker, every runtime
All packages depend on @clowk/corefor token verification. Framework packages are thin wrappers that adapt core to each framework's conventions.
@clowk/core
Runtime-agnostic foundation. JWT verification, HTTP client, SDK resources. Works on Node.js, Bun, Deno, and Cloudflare Workers.
npm install @clowk/core@clowk/sdk
User-facing convenience package. Re-exports everything from @clowk/core under a clean import path.
npm install @clowk/sdk@clowk/react
ClowkProvider, SignInButton, SignUpButton, SignOutButton, useAuth hook. Redirect-based — no embedded UI.
npm install @clowk/react@clowk/nextjs
Server-side middleware for route protection, auth() helper for Server Components, plus React components re-exported.
npm install @clowk/nextjs@clowk/express
Express middleware. Extracts and verifies JWT from query param, cookie, or Authorization header.
npm install @clowk/express@clowk/hono
Hono middleware. Same behavior as Express, adapted for Hono's API. Works on Workers, Bun, Deno, and Node.js.
npm install @clowk/honoSee it in action
Set up auth in under 5 minutes
Watch how to add authentication to your app with Clowk, from scratch.
5 min walkthrough