EU-hosted identity

Identity for real organizations.
Not just logins.

Start with ordinary login today, then add managed profiles only when your model needs them.

Standards-based OIDC for SaaS teams, agencies, and organizations. Managed profiles stay optional.
For associations, schools, communities, SaaS teams, and agencies.

Tuurio ID models real people and real relationships. Some people sign in themselves. Others are managed by parents, guardians, staff, or responsible members until they need their own access.

Get started All features Free auth templates
Popular example guides
React Spring Boot Flutter
CLI npx manage-tuurio-id@latest

100%

EU-hosted & GDPR-ready

< 5min

Setup time

ISO 27001

Certified datacenter (in DE)
MULTI-ORG DASHBOARD

Manage tenants, members, and responsible profiles in one place.

TechStart GmbH
Active
Müller Logistics
Active
New organization ...
Setup
Built for operational reality

Identity that matches how organizations actually work.

Not every real person should start as a login account. Tuurio separates the profile from the credential and keeps both connected over time.

White-label and multi-tenancy

Own brand, own domain, and tenant-scoped isolation for agencies, platforms, and multi-organization setups.

Profiles before login

Create profiles for members, students, dependents, or volunteers before they need their own credentials.

Explicit responsibility

Parents, guardians, staff, or responsible members can manage another profile through explicit, auditable relationships.

See the identity model
Managed identities

Some people log in. Others are managed.

Create managed profiles for children, dependents, students, volunteers, or members before they need their own access, and keep the same identity when login is added later.

Start with standard login if that is all you need. Add managed profiles only when your organization requires them.

Profiles without credentials

Create a real person record even when there is no login yet.

Delegated handling

Assign responsible people explicitly instead of sharing one account or bending the data model.

Continuity later

If that person later receives a login, the same profile stays the same identity.

See managed profiles
NIS2 & evidence

NIS2 affects 29,500 companies in Germany.

MFA under Art. 21(2)(j), audit trails, and evidence support: Tuurio ID helps close NIS2-related IAM and evidence gaps faster.

Am I affected? Read NIS2 info

Fair & Transparent

No hidden costs per user, login, or email. Choose the plan that fits your model.

All prices are plus statutory VAT.

Personal/Free, Starter, Business, and Enterprise are directly bookable. The PARTNER tier runs via a separate partner portal (own subdomain).

Personal/Free
Free
Forever

Ideal for individual developers and lean customer or member portals.

Test for free
  • Up to 50 Users
  • Passkeys and 2FA included
  • Basic branding
  • Audits
  • Hosted in DE
Starter
39 €
per month plus VAT

Ideal for small projects, new communities, and MVPs with straightforward login needs.

Test for free
  • Up to 5000 Users
  • Modern passkeys or classic 2FA
  • Standard branding
  • Social logins (BYO Auth)
  • Audits
  • Audit retention: 30 days / 1 year
  • EU-only processing
  • Hosted in DE
Most popular
Business
99 €
per month plus VAT

For organizations that need branded identity, member data, and managed profile workflows.

Test for free
  • Everything in Starter
  • Up to 25,000 Users
  • Full white-labeling
  • Custom domain (CNAME)
  • Advanced policies
  • Priority email support
  • X-Correlation-ID tracking
  • 1 Webhook
Enterprise
249 €
per month plus VAT

The complete solution for organizations that need audit-ready identity, managed profile operations, and data sovereignty without compromise.

Upgrade
  • Everything in Business
  • Up to 100,000 Users
  • Tuurio ID Vault Finance
  • Audit story line
  • SLA & support agreement
  • Webhooks
  • Admin API
  • Enterprise SSO providers
PARTNER tier Not directly bookable here
Partner & MSP

PARTNER tier sales run separately via a dedicated partner portal on a separate subdomain. On this page only contact request is possible.

  • Multi-tenant dashboard
  • Reseller margins
  • Central billing
  • Usage-based pricing
  • Co-branding marketing
Send request
More legal details: Terms · Privacy · Fair Use · SLA · DPA / AVV · Sub-processors · Refund Policy
Plan change successful

Your subscription was updated. You can close this window.

Plan change failed

Please contact support or update your payment method.

Contact support
Tuurio ID Auth

Modern login (email, passkeys). Ideal for teams starting with self-service accounts.

Included
Tuurio ID Vault Basic

Encrypted ID Vault plus profile data workflows for growing organizations.

From Business plan
Tuurio ID Vault Finance

Encrypted ID Vault + Unlimited Custom Fields + Encrypted Finance Data with SEPA automation

Exclusive in Enterprise plan
Access Granted
proxy -> check_auth(user)
... verifying token ...
OK -> forward_to("legacy-app")
Tuurio Zero Trust Engine

Bring your internal apps
securely to the web - without VPN.

Whether daycare printers, admin tools or legacy servers: with Tuurio Shield, internal software becomes globally reachable - end-to-end encrypted and protected by modern MFA.

  • Invisible infrastructure: No open router ports, no IP whitelists. Your server stays invisible to attackers.
  • Instant connect: WireGuard performance that feels like a local network.
  • Modern auth for legacy: Passkeys and MFA for software without native login systems.
How it works Ideal for Docker, NAS & intranets
OIDC UserInfo Response
{
  "sub": "c3aa285c-723c-4df8",
  "name": "Daniel Kraus",
  "emergency_contact": "+49 151...",
  "iban": "DE91 **** ****",
  "sepa_active": true
}
Tuurio ID Vault

Profiles and master data that
stay continuous.

The vault becomes one operational source of truth: self-service where possible, managed records where necessary.

  • Self-service where possible: People with their own login can maintain their data directly.
  • Managed where necessary: Authorized people maintain records for children, dependents, students, or members without login.
  • Continuity preserved: The same profile can later receive its own login without losing history.
Explore data vault
Building identity yourself costs more than it saves.

Identity is never done.
We handle the maintenance.

Identity work does not stop at the first login screen. Relationships, auditability, standards, and changing requirements create continuous maintenance.

The arms race

Yesterday a password was enough. Today you need MFA. Tomorrow passkeys. Attackers do not sleep - and neither do we.

The regulations

GDPR, NIS2, and accessibility rules raise the bar for identity flows every year. Tuurio helps teams stay operationally ready without overstating legal guarantees.

The standards

SAML, OAuth 2.0, OIDC and verifiable credentials keep getting more complex. You integrate once, we handle the rest.

The maintenance

Updates, bug fixes and library patches consume significant engineering time in custom auth systems.

The consequence?

Every week spent rebuilding identity basics is time missing from your product or organization.

Developers

Free state-of-the-art authentication templates

Use manage-tuurio-id to create your tenant, generate clients, and get ready samples with prefilled .env values.

React Vue Angular Node.js Python Java / Spring Go PHP
Open CLI guide View samples
Popular example guides
Next.js Laravel Android

Technology standards

OpenID Connect OAuth 2.0 WebAuthn / Passkeys Spring Security 7 REST API