Overview
What is auth-svc?
Auth-svc is a standalone service that works alongside duo-server to add user identity, access control, and keyshare backup and recovery. Duo-server handles the MPC protocol; auth-svc handles everything around it.
It can be self hosted and ships as a Docker image.
This guide uses auth-svc together with the React Native Boilerplate — a reference implementation that demonstrates the full integration. Beyond the core MPC auth endpoints, auth-svc also exposes app-specific endpoints that the boilerplate relies on, such as transaction history.
How it works
Your app registers users and devices with auth-svc once. After that, when a device performs an MPC operation, duo-server calls auth-svc to check whether the device is registered and authorized — your app never has to broker the verification itself.
Contents
| Setup & Running the Server | Docker Compose config, env vars for Auth0 / FaceTec / Helius, key generation, starting the server |
| Mobile App Integration | Register users and devices, configure the boilerplate app, integration flow for custom apps |
| API Reference | All REST endpoints with request/response specs, auth requirements, and error codes |
| Core Features | Authentication & authorization, backup & recovery |
| Architecture | Component diagram, request flows, data model |
| Authentication Model | JWT, device signatures, and face step-up — when each is used |
| How auth-svc Works with duo-server | The three hooks, registration flow, cache architecture |