Railway

Deploy Pocket ID

A simple, self-hosted OIDC provider with passkey-only authentication.

Deploy Pocket ID

pocket-id

pocket-id/pocket-id:latest

Just deployed

/app/data

Deploy and Host Pocket ID on Railway

Pocket ID is a lightweight, self-hosted OIDC provider that uses passkey-only authentication — no passwords. It lets you add single sign-on to your self-hosted services using WebAuthn passkeys or hardware keys like YubiKey, making it a simple alternative to heavier solutions like Keycloak.

About Hosting Pocket ID

Pocket ID runs as a single container backed by SQLite, so there are no external database dependencies to manage. All data — the database, uploads, and GeoLite2 IP database — is stored under a single /app/data volume mount. The app listens on port 1411 and requires HTTPS, which Railway provides automatically via its public domain. On first deploy, visit /setup to register your admin passkey before anyone else can. Configuration is minimal: set your public URL and an encryption key, and you're running.

Common Use Cases

  • Self-hosted SSO gateway — centralize authentication across Grafana, Gitea, Nextcloud, and other OIDC-compatible self-hosted apps
  • Passwordless auth for homelab services — replace per-app passwords with a single passkey or YubiKey across your entire stack
  • Lightweight identity provider for small teams — simpler alternative to Keycloak or Authentik when you don't need enterprise complexity

Dependencies for Pocket ID Hosting

  • Persistent volume — mounted at /app/data for SQLite DB, uploads, and GeoIP data
  • HTTPS domain — required by WebAuthn; Railway's public domain satisfies this out of the box

Deployment Dependencies

Implementation Details

After deploying, visit /setup on your Railway domain to register your admin passkey — this must be done before the login page becomes accessible.

APP_URL must exactly match the domain in your browser's address bar (including https://, no trailing slash). WebAuthn derives its relying party ID from this value; a mismatch will cause passkey registration and login to fail.

Why Deploy Pocket ID on Railway?

Railway is a singular platform to deploy your infrastructure stack. Railway will host your infrastructure so you don't have to deal with configuration, while allowing you to vertically and horizontally scale it.

By deploying Pocket ID on Railway, you are one step closer to supporting a complete full-stack application with minimal burden. Host your servers, databases, AI agents, and more on Railway.

Template Content

pocket-id

ghcr.io/pocket-id/pocket-id:latest

More templates in this category

View Template
Keycloak
Keycloak template with keywind theme + apple and discord providers
beuz
735
Deploy
View Template
lua-protector
Test deployed my project first
trianaq765-cmd's Project
23
Deploy
View Template
bknd
Feature-rich yet lightweight backend
10
Deploy