Why I built an open-source alternative to Auth0

Mark Odera — Tue, 28 Apr 2026 18:14:03 +0000

Auth0 is a great product. So is Clerk. But at scale, both get expensive fast. Auth0 can run into hundreds of dollars a month once you cross certain MAU thresholds. Clerk charges per user. If you are building a multi-tenant SaaS, those numbers compound quickly.
I spent a long time looking for an alternative. Something with JWT rotation, RBAC, webhooks, audit logs, and multi-tenancy baked in. I could not find one that covered the full surface, so I built it.

What HVT is

HVT is a self-hostable authentication platform. You run it yourself for free, or use the managed cloud version at hvts.app. It is licensed under AGPL v3.

The core model is: Organisation → Project → API key → Runtime token.

Each app or environment gets its own project. Runtime users (your app's end users) are isolated per project. The same email can exist across different projects without collision.

What it covers

JWT with rotation and blacklisting
Runtime user signup, login, social auth (Google, GitHub)
Per-project RBAC with custom app roles and permission slugs
HMAC-signed webhooks with retry and auto-disable
Full audit logging across 21 event types
TypeScript SDK (@hvt/sdk)
One-click Railway deploy

Why AGPL

If you modify HVT and deploy it as a network service, you have to open-source those changes. That is intentional. It keeps the ecosystem honest and ensures improvements flow back to the community.

Where it is now

The backend is live at api.hvts.app. Docs are at docs.hvts.app. The SDK is published under @hvt/sdk on npm. It is early, but it works.

Check out the HVT GitHub Repository

If you have been burned by auth pricing or vendor lock-in, give it a look. Feedback welcome.

markodera / hvt

HVT is an open-source authentication infrastructure built for developers, start-ups and teams who want to build fast and take full control of their authentication systems

HVT

HVT is an open-source authentication platform built with Django and Django REST Framework. It provides a control plane for organizations, projects, API keys, invites, webhooks, and audit logs, plus a runtime auth plane for customer-facing applications.

Current Scope

email and password authentication
JWT access and refresh tokens
registration, email verification, and password reset
Google and GitHub social login
organizations, projects, and API keys
project-scoped runtime auth with shared identity across projects
invitations, project roles, permissions, and audit logs
webhook delivery for organization events

Project Model

HVT separates two concerns:

control plane: the dashboard and admin-facing APIs used to manage organizations, projects, API keys, social providers, invites, and webhooks
runtime plane: project-scoped auth flows that your application uses for sign-up, sign-in, social login, verify-email, and password reset

True Multi-Tenant Isolation: User accounts are strictly isolated at the project level. Unlike traditional Django apps where an email must be globally unique…

View on GitHub

Django Task Manager: Built in a Day with Django

Mark Odera — Sat, 18 Jan 2025 23:06:27 +0000

Built in a Day with Django

Introduction

Hey Dev.to community! 👋I built a task manager app in one day for the Dev.to Django Challenge. My aim was to explore Django’s capabilities while creating something functional.

Features ✅

Authentication & CRUD for tasks

Prioritization & due dates

Search and filter options

Responsive design

Tech Stack 🛠️

Django 4.x

Python 3.x

Bootstrap 5

SQLite3

Setup 🚀

Clone repo:

git clone https://github.com/markodera/freshstart-taskmanager.git
cd freshstart-taskmanager

Activate virtual environment:

python -m venv venv && source venv/bin/activate

Install dependencies:

pip install -r requirements.txt

Run migrations and server:

python manage.py migrate && python manage.py runserver

Lessons Learned ✍️

Plan first.

Focus on essentials.

Leverage Django’s built-in tools.

Closing Thoughts

Django is amazing for quick, powerful builds. Try a similar challenge—you’ll learn a ton!

GitHub Repo: https://github.com/markodera/freshstart-taskmanager.git 🙌

DEV Community: Mark Odera