You are the password

No one else has your face, your voice, or your fingerprint.
Access your account quickly and securely—and say goodbye to passwords forever.

Privacy is a right

Privacy is a right

Technology either permits or prevents privacy violations. Our authentication solution protects users from activity tracking and monetization. LoginID’s products meet the most advanced biometrics and regulatory compliance standards.

Security matters

Now more than ever, threat actors have opportunities to compromise sensitive information and monitor online activity. Strong authentication keeps consumers and businesses safe. Add a simple but powerful layer of protection with multi-device authentication with LoginID.

Security matters

Compliant privacy protection in three ways

Authentication

It's You

Log your customers in securely: LoginID pairs with FIDO2/W3C biometrics hardware.

Fast Identity Online
World Wide Web Consortium
Privacy

It’s no one else’s

Your personal identifiable information (PII) is secure with LoginID’s patent-pending cryptographic Secure Data Diffusion Protocol.

Compliance

It’s the law

LoginID authentication is compliant under privacy laws, including the EU’s General Data Protection Rights (GDPR) and the California Consumer Privacy Act (CCPA) legislation.

General Data Protection Regulation
Payment Services Directive

Made for developers

Integrate a simple, fast, secure authentication tool into any website, e-commerce interaction, or smart contract execution. LoginID is FIDO2 certified.

Start now
                            


Require_once 'vendor/autoload.php';

$provider = new \League\OAuth2\Client\Provider\GenericProvider([
    'clientId'                => 'demoapp',    // The client ID assigned to you by LoginID
    'clientSecret'            => 'demopass',   // The client password assigned to you by LoginID
    'redirectUri'             => 'https://example.com/your-redirect-url/',
    'urlAuthorize'            => 'https://openiddemo.loginid.io/hydra/oauth2/auth',
    'urlAccessToken'          => 'https://openiddemo.loginid.io/hydra/oauth2/token'
]);

// If we don't have an authorization code then get one
if (!isset($_GET['code'])) {

    // Fetch the authorization URL from the provider; this returns the
    // urlAuthorize option and generates and applies any necessary parameters
    // (e.g. state).
    $authorizationUrl = $provider->getAuthorizationUrl();

    // Get the state generated for you and store it to the session.
    $_SESSION['oauth2state'] = $provider->getState();

    // Redirect the user to the authorization URL.
    header('Location: ' . $authorizationUrl);
    exit;

// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {

    unset($_SESSION['oauth2state']);
    exit('Invalid state');

} else {

    try {

        // Try to get an access token using the authorization code grant.
        $accessToken = $provider->getAccessToken('authorization_code', [
            'code' => $_GET['code']
        ]);

        // We have an access token, which we may use in authenticated
        // requests against the service provider's API.
        echo $accessToken->getToken() . "\n";
        echo $accessToken->getRefreshToken() . "\n";
        echo $accessToken->getExpires() . "\n";
        echo ($accessToken->hasExpired() ? 'expired' : 'not expired') . "\n";

        // Using the access token, we may look up details about the
        // resource owner.
        $resourceOwner = $provider->getResourceOwner($accessToken);

        var_export($resourceOwner->toArray());

        // The provider provides a way to get an authenticated API request for
        // the service, using the access token; it returns an object conforming
        // to Psr\Http\Message\RequestInterface.
        $request = $provider->getAuthenticatedRequest(
            'GET',
            'https://example.com/oauth2/lockdin/resource',
            $accessToken
        );

    } catch (\League\OAuth2\Client\Provider\Exception\IdentityProviderException $e) {

        // Failed to get the access token or user details.
        exit($e->getMessage());

    }

}
                            
                        
Features for Enterprise and DIY

Benefits for Developers and Enterprises

Boost conversions

Signups, subsequent logins, and e-commerce transactions made simple.

Convenience at the cart

Zero-friction customer logins.

Save money

Compromised customer accounts are costly to fix.

Boost customer confidence

Highly secure, enabling customers to use biometrics on device hardware that meets FIDO2 security standards.

Regulatory compliant

Legislation is cracking down on weak security. Strong authentication supports privacy compliance and adheres to PSD2 principles.

Get started!

Add secure, password-less, private logins to your website and/or mobile app