Tzylo Docs

Introduction

Understand what Tzylo Auth CE is, what it solves, and when to use it.

Tzylo Auth CE is a simple, lightweight authentication server designed for developers who want control, clarity, and minimal setup.

It provides essential authentication features—login, registration, JWT tokens, refresh tokens, OTP-based flows—without locking you into heavy infrastructure or opinionated frameworks.

What is Tzylo Auth CE?

Tzylo Auth CE (Community Edition) is an open-source authentication service built with Node.js, TypeScript, and Fastify.

It is designed to run as a standalone service that your applications can talk to over HTTP. You manage your users, tokens, and sessions centrally, while your apps stay clean and focused on business logic.

Important: Tzylo Auth CE is not a hosted SaaS. You run it on your own infrastructure and own your data completely.

Why Tzylo Auth CE?

Tzylo Auth CE is built from a developer’s perspective, especially for those who want authentication to be understandable, configurable, and easy to run.

The goal is not to cover every possible enterprise use case, but to provide a clean and reliable authentication foundation that works well for most modern applications.

It is designed with:

  • Simple and predictable behavior
  • Minimal setup and configuration
  • Clear request–response flows
  • Code that is easy to read and extend

This makes it especially suitable for beginners, small teams, and early-stage products that want authentication without unnecessary complexity.

Who should use this?

Tzylo Auth CE is a good fit if you:

  • Are building a small to medium-sized application
  • Want authentication without vendor lock-in
  • Prefer understanding how auth works under the hood
  • Need multi-database support with minimal effort

It is especially useful for:

  • Side projects and prototypes
  • Internal tools
  • Early-stage startups
  • Learning and experimentation

What does it provide?

  • Email & password authentication
  • OTP-based verification flows
  • JWT access tokens and refresh tokens
  • Multi-database support (Postgres, MySQL, SQLite, SQL Server)
  • Optional Redis-based caching
  • Built-in rate limiting

What it does NOT try to be

Tzylo Auth CE intentionally avoids:

  • Complex UI dashboards
  • Enterprise IAM features
  • Opinionated user models
  • Heavy plugin ecosystems
If you need SSO, SAML, fine-grained RBAC, or compliance-heavy features, Tzylo Auth CE may not be the right tool.

How it fits into your system

Tzylo Auth CE runs as a separate service. Your frontend or backend applications communicate with it using HTTP APIs or SDKs.

High-level flow
Frontend / App
   ↓
Tzylo Auth CE
   ↓
Your Database (Postgres / MySQL / SQLite)
   ↓
Redis (optional)

This separation keeps authentication concerns isolated and makes your system easier to scale and maintain.