Deploy SuperTokens | Open Source Auth0, AWS Cognito, Okta Alternative
Self Host SuperTokens. Email, Social & Passwordless Authentication
SuperTokens
Just deployed
Just deployed
/var/lib/postgresql/data

Deploy and Host SuperTokens
Self-host SuperTokens on Railway — the open-source alternative to Auth0, Firebase Auth, and AWS Cognito that gives you production-grade authentication with zero vendor lock-in and no per-user fees. SuperTokens handles email/password login, social OAuth, passwordless magic links, session management, and MFA, all through a lightweight HTTP microservice that your backend SDK calls directly.
This Railway template deploys the full SuperTokens stack in one click: the SuperTokens Core service (https://hub.docker.com/r/supertokens/supertokens-postgresql) pre-wired to a Railway-managed PostgreSQL database over private networking. Your API key is auto-generated on deploy — no manual secret setup required.
Getting Started with SuperTokens on Railway
Once your deploy is live, verify the core is healthy by visiting https://.up.railway.app/hello — a Hello response confirms the database connection is working.
Next, install the backend SDK for your language (pip install "supertokens-python[fastapi]" for Python, npm install supertokens-node for Node.js) and call supertokens.init() with your Railway domain as connectionURI and the generated API_KEYS value as apiKey. From there, mount the SuperTokens middleware and your app immediately gains /auth/signup, /auth/signin, /auth/signout, and session refresh endpoints — no additional route code needed.
To add enterprise features like MFA or multi-tenancy, register at supertokens.com to get a license key and POST it to /ee/license on your running instance.
About Hosting SuperTokens
SuperTokens is an open-source authentication platform built around a stateless HTTP core microservice. Unlike Auth0 or Cognito, your backend sits between your frontend and SuperTokens — this architecture lets you customize every auth flow in your own language and framework without writing Java or navigating an admin console.
Key features:
- Email/password, social login (Google, GitHub, Apple, etc.), and passwordless (magic links / OTP) out of the box
- Secure session management with rotating refresh tokens and built-in anti-CSRF and anti-session-fixation protection
- Pre-built frontend UI components for React, with headless support for Vue, Angular, and mobile
- Backend SDKs for Node.js, Python, and Go
- Multi-tenancy and MFA available via paid add-ons or license keys
- User management dashboard at
/auth/dashboard - SOC 2 and GDPR certified
On Railway, SuperTokens Core communicates with PostgreSQL over Railway's private network — no traffic leaves Railway's internal infrastructure between the two services.
Why Deploy SuperTokens on Railway
Run SuperTokens on Railway without managing infrastructure, SSL, or Docker volumes:
- No volume management — SuperTokens Core is stateless; all auth data lives in Postgres
- Private networking between Core and Postgres out of the box — zero config, zero egress cost
- Auto-generated API key on every deploy via Railway's native secret generator
- Managed TLS and custom domains with one click
- One-click redeploys whenever you update your SuperTokens image tag
Common Use Cases
- SaaS products replacing Auth0 — teams hitting Auth0's per-MAU pricing at scale move to self-hosted SuperTokens and pay only for infrastructure
- B2B apps needing multi-tenancy — each customer org gets an isolated auth context using SuperTokens' multi-tenancy recipe
- Apps with strict data residency requirements — keeping user credentials inside your own Railway project satisfies GDPR and regional data laws
- Startups bootstrapping auth fast — pre-built UI components and Railway's one-click deploy ship a working login page in under an hour
Dependencies for SuperTokens
- SuperTokens Core —
registry.supertokens.io/supertokens/supertokens-postgresql:latest(GitHub: supertokens/supertokens-core) - PostgreSQL — Railway managed Postgres (minimum version 13.0 required)
Environment Variables Reference
| Variable | Description | Required |
|---|---|---|
POSTGRESQL_CONNECTION_URI | Full postgresql:// connection URI to Postgres | Yes |
API_KEYS | Comma-separated list of API keys; your backend SDK passes this as apiKey | Yes |
SUPERTOKENS_PORT | Port SuperTokens Core listens on (default: 3567) | No |
DISABLE_TELEMETRY | Set to true to opt out of anonymous usage telemetry | No |
POSTGRESQL_TABLE_NAMES_PREFIX | Optional prefix for all SuperTokens-managed DB tables | No |
> Note: POSTGRESQL_CONNECTION_URI must use the postgresql:// scheme. Using postgres:// causes a startup error.
Deployment Dependencies
- Runtime: Java 17 (bundled inside the Docker image — no separate JDK install needed)
- Database: PostgreSQL 13+ (Railway's managed Postgres satisfies this)
- GitHub: supertokens/supertokens-core
- Docker Image: registry.supertokens.io/supertokens/supertokens-postgresql
- Official Docs: supertokens.com/docs
SuperTokens vs Auth0 vs Keycloak
| SuperTokens | Auth0 | Keycloak | |
|---|---|---|---|
| Open source | ✅ | ❌ | ✅ |
| Self-hostable | ✅ | ❌ |