Authentication built for zero trust systems
Pelican is an authentication platform that removes passwords, minimizes exposed data, and gives users cryptographic control over their identity.
Pelican provides a modern authentication layer that replaces traditional passwords with cryptographic identity, device-bound verification, and consent-driven data sharing. Applications authenticate users using deterministic identifiers, while sensitive identity data remains in the user's encrypted vault.
Core Features
Passwordless Authentication
Users authenticate using cryptographic keys stored on their device, removing passwords from the authentication flow entirely.
Deterministic User IDs
Applications receive stable, deterministic user identifiers without accessing personal data such as email or phone number.
Consent-Based Data Requests
Applications explicitly request access to user data. Users approve or deny each request at authentication time.
Session and Device Control
Pelican manages device registration, and re-authentication without exposing secrets to third parties.
How It Works
Application redirects user to Pelican
User authenticates via Pelican Vault
Pelican issues a deterministic identifier
Optional identity claims are shared with explicit consent
Use Cases
Frequently Asked Questions
Does Pelican replace OAuth?
Pelican can function as an OAuth-compatible provider while offering stronger privacy guarantees and cryptographic identity ownership.
Does Pelican store user passwords?
No. Pelican does not use or store passwords at any point in the authentication process.
Can users authenticate on multiple devices?
Yes. Each device is independently registered and verified under the user's identity.
Ready to get started?
Build secure, passwordless authentication into your application today.
Start with Pelican Auth