Hey everyone π
I want to share a project I have been building over the last few months - Toqen.
Most authentication systems are designed around long-term user identity:
accounts, passwords, profiles, and long-term identity data.
But in practice, I kept seeing many cases where this model adds friction instead of value.
So I asked a different question: what if access does not need to be tightly coupled to long-term identity?
What Toqen is
- A passwordless access system
- No password-based login flows
- Identity data is minimized and contextual
- Secure, time-limited access using short-lived credentials
Instead of identifying who the user is, Toqen focuses on: should access be allowed right now, for this context, and for how long.
Use cases I am exploring
- Temporary access to SaaS tools
- Internal tools and admin panels
- Online and offline events
- Short-term access for partners or contractors
Current state
- Production-ready MVP built end-to-end
- Authentication and access logic implemented
- Infrastructure and deployment in place
- Early users testing real scenarios
This is still early, and I am actively validating which use cases truly benefit from an access-first authentication model.
I would really appreciate feedback from people who have worked with:
- authentication systems
- internal tools
- event access or temporary permissions
In your experience, where is identity actually unnecessary, and access alone is enough?
Thanks for reading π
Top comments (0)