HomeProductsAboutContact
All Products
Authentication · Infrastructure
Semelpass™

One pass. One auth. Done. Semelpass™ is a self-hosted passwordless authentication gateway that eliminates credential exposure without introducing a third-party dependency.

Request Access Currently available to qualified operators.
The Problem

Every third-party auth provider is a dependency you don't control.

The modern authentication landscape asks you to choose between complexity and dependency. Build it yourself and it becomes a maintenance burden. Use a third-party provider and you've handed session management, credential storage, and availability to someone else's infrastructure.

Passwords introduce exposure. Social login introduces platform risk. Magic link providers introduce deliverability dependency. And when the auth layer goes down — everything behind it goes with it. None of this is acceptable for production software that runs real operations.

How It Works

Forward-auth. JWT issuance. One login across every surface.

Semelpass™ sits in front of your application stack as a forward-auth proxy. Every request passes through it. Authenticated sessions get a signed JWT and proceed. Unauthenticated requests are redirected to a clean OTP flow — no password, no friction, no external provider.

Forward-Auth Architecture — deployed behind Caddy or Nginx. Sits in front of any application without code changes to the app itself.
OTP + Magic Link — email-based passwordless auth delivered via Nuntius. Time-bound, signed tokens. No credential storage, no exposure surface.
JWT Issuance — tenant-scoped claims, configurable expiry, role propagation. Every downstream application reads the same verified session.
Multi-App Session Sharing — one login protects every application behind the gateway. One logout ends all sessions simultaneously.
Redis-Backed Rate Limiting — brute force protection built in. No configuration required.
Why Different

Self-hosted. No external dependency. Infrastructure you own.

Semelpass™ is not a SaaS auth provider. It runs on your infrastructure, issues your tokens, and stores nothing it doesn't need to. The authentication layer is as reliable as your own stack — not someone else's uptime SLA.

No external auth provider — zero third-party dependency or data exposure
No passwords stored — OTP and magic link only, nothing to breach
Deploys in front of any app — no application code changes required
Currently protecting all Omniapan AI production surfaces
Request Access Currently available to qualified operators. Start a conversation.
Request a Demo
We'll be in touch shortly.
Message sent.
We'll be in touch at the email you provided.