Introduction
Human & AI Action Gateway
Transcodes is your AI agent for admin authentication, operations, and management — passkey login, RBAC, step-up auth, audit logs, and member management, without building any of it yourself.
| Why teams choose Transcodes | |
|---|---|
| No auth code to write | Tell your AI agent what you need — it generates the integration |
| No secret to steal | Private key never leaves the device—server breaches expose nothing |
| No password to crack | No hash, no secret string—nothing for AI to brute-force |
| No vendor lock-in | Export your credentials and logs anytime |
In the Age of AI, Passwords Are Dead
Passwords are no longer safe. AI cracks even “strong” passwords in under an hour, generates flawless phishing pages, and automates credential stuffing at billion-attempt scale. No password is safe in the Great AI Era.
| AI Attack Vector | Password | Passkey |
|---|---|---|
| Brute-force cracking | ❌ Crackable | ✅ No secret to crack |
| Phishing pages | ❌ Users enter passwords | ✅ Keys bound to origin—fake sites blocked |
| Data breach replay | ❌ Hashes cracked offline | ✅ Only public keys leaked—useless |
| Deepfake social engineering | ❌ Tricks users | ✅ Device proves identity cryptographically |
| Credential stuffing | ❌ Reused passwords work | ✅ Unique key per site, nothing to stuff |
The math is the security. No AI—no matter how powerful—can forge a cryptographic signature without the private key stored on your device
Why Transcodes
Your team needs passkey login, RBAC, step-up auth, audit logs, and member management — but building all of it takes weeks and needs a specialist. Transcodes provides the hosted auth SDK and Console, while MCP lets AI tools help with setup, RBAC lookup, admin operations, and integration code.
No Backend Needed
| Traditional | Transcodes |
|---|---|
| ❌ Backend SDK installation and configuration | ✅ HTML / CDN: one webworker.js script by default |
| ❌ Auth API endpoints you host | ✅ Hosted redirect APIs—no auth routes on your server |
| ❌ Database schema for credentials | ✅ Managed by Transcodes |
| ❌ Token generation/refresh logic | ✅ Handled by the SDK |
| ❌ Session management | ✅ Built into the toolkit |
| ❌ RP ID, OAuth redirects, JWKS plumbing | ✅ RP ID & legal URLs set once in Configuration—no custom auth backend |
Implementation Time
| Solution | Time |
|---|---|
| DIY WebAuthn | 1–2 weeks |
| Auth0 / Stytch | 2 days |
| Transcodes | 1 hour |
HTML / CDN (global transcodes after the script loads):
<script type="module" src="https://cdn.transcodes.link/{PROJECT_ID}/webworker.js"></script>// transcodes === window.transcodes (global from webworker.js)
const result = await transcodes.openAuthLoginModal({}); // login / sign-up
await transcodes.openAuthConsoleModal(); // account / member consoleDownload .d.ts from the Authentication Kit → Installation Guide panel in the Console, or follow Quick Integration for framework examples.
Security
| Feature | Description |
|---|---|
| Zero-Knowledge Architecture | Private keys stored only on devices—never on Transcodes servers |
| AES-256 Encryption | All secrets encrypted at rest and in memory |
| Phishing Protection | Domain binding blocks authentication on fake sites |
| Server Breach Immunity | No passwords on server—accounts safe even during breaches |
| Multi-Method Auth | Passkey, TOTP (Google Authenticator), YubiKey, and more |
| Layered Recovery | Synced passkey → Hardware key → TOTP → Email fallback |
No Vendor Lock-in
Data portability: export and backup flows (including JSON) are available from the product—see Backup. Passkeys follow WebAuthn/FIDO2 patterns, so you are not tied to password-only vendor models.
Get Started in a Few Lines
Pick HTML / CDN (Dashboard snippets) or npm (bundled apps). See Quickstart and Admin Integration.
HTML / CDN
<script type="module" src="https://cdn.transcodes.link/{PROJECT_ID}/webworker.js"></script>const result = await transcodes.openAuthLoginModal();Compare with alternatives
See how Transcodes compares to building WebAuthn yourself or using traditional providers.
Integration Complexity
Traditional Providers
🔴 Everything in red is code you must write and maintain.
Transcodes
Feature comparison
| Criteria | Auth0 | Stytch | Passage | Transcodes |
|---|---|---|---|---|
| Setup Time | 1-2 days | Half day | Half day | 30 minutes |
| Backend Required | Yes | Yes | Yes | No |
| Learning Curve | High | Medium | Medium | Almost none |
| Pre-built UI | Universal Login | Hosted UI | Custom elements | Built-in modals |
| Token Management | Semi-Auto | Semi-Auto | Semi-Auto | Automatic |
Code comparison
Traditional (100+ lines)
app.post('/api/webauthn/register/options', async (req, res) => {
/* ... */
});
app.post('/api/webauthn/register/verify', async (req, res) => {
/* ... */
});
app.post('/api/webauthn/login/options', async (req, res) => {
/* ... */
});
app.post('/api/webauthn/login/verify', async (req, res) => {
/* ... */
});
const options = await fetch('/api/webauthn/register/options');
const credential = await navigator.credentials.create(options);
await fetch('/api/webauthn/register/verify', { body: credential });
// ... plus token management, session handling, error statesTranscodes (3 lines)
const result = await transcodes.openAuthLoginModal({});
if (result.success) console.log('Authenticated!', result.payload[0].member);Other solutions need backend SDKs and API endpoints. Transcodes needs one
script tag (or the npm SDK with init)
Explore the Docs
Ready to Start?
Jump straight to the Passkey-first Login guide, or explore framework-specific tutorials (React, Next.js, Vue, Vanilla JS).