Every app can sign users in using a vertex.
Passkeys, MFA, QR login, step-up authentication, approvals, and trusted sign-in — all powered by programmable vertices.
Application
↓
Create Auth Vertex
↓
User verifies with passkey / MFA / QR / device cert
↓
Vertex updates to approved
↓
Application receives signed auth resulthttps://nodevertex.com/acme/signin/crm
https://nodevertex.com/acme/mfa/7F3K2
https://nodevertex.com/acme/passkey/davidAuthentication is too complex for every app to rebuild.
Modern applications are forced to integrate and maintain login, MFA, passkeys, magic links, QR approvals, step-up authentication, device trust, federation, session handling, token issuance, security evidence, and audit logs. Every app rebuilds the same authentication stack. That complexity slows down teams and fragments security.
Create a vertex. Let the vertex handle the auth workflow.
Vertex Auth turns authentication into a programmable signaling workflow. A vertex can represent a login request, MFA challenge, passkey ceremony, QR sign-in session, device trust check, step-up authorization request, approval workflow, agent authentication event, IoT device sign-in, or signed authentication result. The application only needs to create the vertex and wait for the result.
MFA as a vertex
POST /api/auth/vertex/create
Content-Type: application/json
{
"tenant": "acme",
"type": "mfa",
"subject": "david@acme.com",
"requestingApp": "CRM",
"requiredAssurance": "high",
"allowedMethods": ["passkey", "devicecert", "approval"]
}Approved state
{
"status": "approved",
"method": "passkey",
"assurance": "high",
"subject": "david@acme.com",
"proofUrl": "https://nodevertex.com/acme/proof/auth/7F3K2"
}Passkeys without rebuilding WebAuthn from scratch.
Passkey Vertices provide phishing-resistant authentication using WebAuthn/passkeys. Applications create a Passkey Vertex, redirect the user, and receive a signed result when the passkey ceremony completes.
https://nodevertex.com/acme/passkey/david
Passkey Vertices can support platform passkeys, roaming security keys, discoverable credentials, biometric unlock, device-bound credentials, phishing-resistant MFA, and step-up authentication.
QR sign-in powered by vertices.
Desktop app creates sign-in vertex
↓
Desktop displays QR code
↓
User scans with mobile device
↓
User completes passkey or approval
↓
Vertex updates to approved
↓
Desktop app receives signed login resultStep-up authentication for sensitive actions.
Applications can request stronger proof before allowing sensitive operations like approving a wire transfer, changing billing settings, rotating secrets, downloading sensitive files, authorizing an AI agent, or issuing a device certificate.
Supported authentication models
Passkeys
Represent passkeys as a stateful, auditable vertex that can expire, approve, deny, signal, and produce proof.
/acme/passkeys/7F3K2MFA
Represent mfa as a stateful, auditable vertex that can expire, approve, deny, signal, and produce proof.
/acme/mfa/7F3K2QR Login
Represent qr login as a stateful, auditable vertex that can expire, approve, deny, signal, and produce proof.
/acme/qrlogin/7F3K2Magic Links
Represent magic links as a stateful, auditable vertex that can expire, approve, deny, signal, and produce proof.
/acme/magiclinks/7F3K2Device Certificates
Represent device certificates as a stateful, auditable vertex that can expire, approve, deny, signal, and produce proof.
/acme/devicecertificates/7F3K2Agent Authentication
Represent agent authentication as a stateful, auditable vertex that can expire, approve, deny, signal, and produce proof.
/acme/agentauthentication/7F3K2IoT Authentication
Represent iot authentication as a stateful, auditable vertex that can expire, approve, deny, signal, and produce proof.
/acme/iotauthentication/7F3K2Step-Up Authentication
Represent step-up authentication as a stateful, auditable vertex that can expire, approve, deny, signal, and produce proof.
/acme/step-upauthentication/7F3K2Push Approvals
Represent push approvals as a stateful, auditable vertex that can expire, approve, deny, signal, and produce proof.
/acme/pushapprovals/7F3K2OIDC Federation
Represent oidc federation as a stateful, auditable vertex that can expire, approve, deny, signal, and produce proof.
/acme/oidcfederation/7F3K2SAML Federation
Represent saml federation as a stateful, auditable vertex that can expire, approve, deny, signal, and produce proof.
/acme/samlfederation/7F3K2Signed Auth Results
Represent signed auth results as a stateful, auditable vertex that can expire, approve, deny, signal, and produce proof.
/acme/signedauthresults/7F3K2One workflow. Any app.
const auth = await nv.auth.createVertex({
type: "signin",
subject: "david@acme.com",
requiredAssurance: "high",
allowedMethods: ["passkey"]
});
window.location.href = auth.vertexUrl;
const result = await auth.waitForResult();C#
var auth = await nodeVertex.Auth.CreateVertexAsync(new AuthVertexRequest
{
Type = "signin",
Subject = "david@acme.com",
RequiredAssurance = "high",
AllowedMethods = new[] { "passkey" }
});
var result = await auth.WaitForResultAsync();Authentication becomes infrastructure you can compose.
Vertex Auth is not just MFA. It is programmable authentication infrastructure. A vertex can hold state, receive updates, emit events, expire automatically, require policy, produce signed proof, and notify applications when authentication is complete.
Passkey authentication model
Vertex Auth supports phishing-resistant authentication patterns and policy-controlled authentication vertices. Enterprise deployments should validate the configured assurance level, attestation requirements, retention, and audit controls for their tenant.
Advanced attestation and identity-provider integrations are documented per deployment plan when enabled.
Stop building authentication from scratch.
Create a vertex. Verify the user. Receive the result.
Create an Auth Vertex View the API