Frequently asked questions
Short answers to the questions we hear most often.
- What does Kiavi actually do?
- Kiavi handles signup, login, sessions, social login, email codes, and passkeys for your application. Your app redirects users to a hosted login page; we send them back signed in.
- How is pricing calculated?
- You pay €0.01 per Monthly Active User (MAU). An MAU is a user who signs in or refreshes a session at least once in a calendar month. Optional warmup tiers eliminate cold starts for production apps.
- What is "warmup" and do I need it?
- Warmup keeps a dedicated authentication instance hot so login response times stay fast. You only need it for production apps that care about latency. Dev and staging can run on shared cold-started instances at no extra cost.
- Where is my data stored?
- In the EU. Your authentication instance runs on Scaleway in Paris. We do not replicate user data outside of the EU. See the security and subprocessors pages for details.
- Is Kiavi GDPR compliant?
- Yes. Kiavi is built around GDPR from the ground up: EU hosting, data minimization, a default DPA, a published subprocessor list, and clear data export and deletion APIs.
- What does "built on a proven open source base" actually mean?
- The authentication core of Kiavi is Better Auth, a well-established open source authentication library used in production by other tech companies. Instead of reinventing the protocol layer, we run a carefully configured Better Auth deployment per tenant and add the operational pieces most teams end up building themselves: a user management UI, daily and monthly active user dashboards, and a full audit log of authentication events. You get the transparency and battle-testing of open source, with a managed service on top.
- Are you ISO 27001 or SOC 2 certified?
- Not yet. We are at the start of our formal compliance journey and are actively working towards both ISO 27001 and SOC 2 Type II. The underlying controls (EU hosting, per-tenant isolation, encryption in transit and at rest, audit logging, and a documented incident response process) are already in place. Until certification is achieved we do not claim to be certified; the current status is always reflected on the security page.
- Do you support passwordless login?
- Yes. Kiavi is passkey-first. Email codes and social login are also supported. Kiavi does not offer password-based login.
- Which SDKs do you offer?
- A browser SDK for any web framework, a React Native SDK for mobile apps, and a server SDK for Node, Bun, Deno, and edge runtimes. See the docs for integration guides.
- Can I self-host or run Kiavi on-premise?
- On-premise and dedicated deployments are available for enterprise customers. Get in touch via the contact page if this is a requirement. If you really want to get your hands dirty, you can always implement Better Auth yourself, since Kiavi is a pre-configured Better Auth deployment.
- What happens to my users if I cancel?
- You can export user data via the API at any time. After cancellation, we keep data for a short retention window (defined in the DPA), then permanently delete it.
- Is there a free tier?
- Pay-as-you-go pricing means small projects pay only a few cents per month. There is no separate free tier; the free signup credit covers most early development.
Did not find your question? Read the docs or get in touch.