Public beta · MIT licensed

Auth and billing that you run, not rent.

A user's login and their subscription share one tenant model, so a paying customer never gets locked out and access never outlives a failed payment.

You run it yourself, and the data stays in your Postgres. It's a public beta from a small team, MIT licensed, with the source on GitHub if you want to read it before you trust it.

New to ReliPay? See how the operator panel works

No per-MAU meter · MIT licensed · the source is on GitHub

1 stack
docker compose up
Multi-tenant
every row has appId
MCP
agent-ready
The status quo

When auth and billing live in two places, they drift

Most teams wire an auth provider to a payments provider with hand-written webhooks. Then the two records disagree: a paying customer gets locked out, or access lingers after a payment fails. Keeping them in sync is the part nobody wants to own.

Two systems, two records of the same user

The auth side knows who logged in. The billing side knows who paid. Webhooks land out of order, and the reconciliation code that keeps the two agreeing is yours to write and yours to debug.

Pricing that assumes you ship one app

Per-MAU meters assume a single product. Ship a second app that shares users, and you pay twice for the same people, plus a per-seat charge for your own team.

Your data lives in someone else's database

Identities, subscription history, and webhook receipts sit inside the vendor. Exporting them is possible on paper and painful in practice once you have real volume.

Agents can't read the account data

When a user's agent wants to check their plan or recent payments, the usual answer is a static admin key with full access. There's no scoped, read-only way to hand it just the account it's allowed to see.

How ReliPay fits

Auth and billing behind one API you host

ReliPay is a self-hostable service that keeps auth and billing in one tenant model, so a user's login and their plan don't drift apart. You bring the payment processor and keep your own account; ReliPay keeps the data, the panel, and the SDKs in your infrastructure.

One command to self-host

`docker compose up` boots the API, Postgres, Redis, and the panel. The same image runs in production, and the Postgres is yours.

One tenant model for identity and entitlements

A Tenant owns one or more Applications. Login and subscription state share that model, so a paid customer doesn't get locked out and access doesn't outlive a failed payment. Every row carries `applicationId`.

Bring your own payment processor

Stripe, PayPal, and Razorpay sit behind one `BillingProvider` interface, set per Application. You change a config value, not your billing code. Provider-specific fields live in `metadata`.

Account data agents can read

A built-in MCP server lets an agent read account, plan, and payment data over scoped OAuth 2.1, read-only. Connect Claude, Cursor, or Claude Code to a live instance instead of handing out an admin key.

Modules

What ReliPay does, and what it doesn't

ReliPay does auth and billing. It doesn't ship a CRM, an email blaster, or a feature-flag service. Pair it with the tools you already run.

Auth

  • Email + password
  • OAuth — Google, GitHub, plus 5+ providers via OIDC
  • MFA with TOTP + downloadable backup codes
  • Refresh-token rotation + session revocation
  • End-user roles per Application (RBAC) with default-role enforcement
  • WebAuthn / passkeys — register, sign in, and revoke
  • JWKS endpoint + opt-in RS256 — verify tokens offline at the edge, no API round-trip

Billing

  • Subscription, License, Usage, and Credit plan kinds
  • Stripe, PayPal, and Razorpay all live behind one interface
  • BYO provider credentials per Tenant (encrypted at rest)
  • Customer self-service portal — subscriptions, payments, plan changes, cancellation
  • Revenue dashboard — MRR, churn, and a 12-month trend per Application
  • Automatic dunning — scheduled failed-payment reminders + recovery tracking
  • Test/live keys with real data isolation — test users and payments never mix with production
  • Geographic routing across providers
  • Webhook receipts persisted + replayable from the panel
  • Coupons + discounts live; trials and proration planned for v1.0

Usage & Licenses

  • Track any metric — API calls, MB ingested, model tokens
  • Auto-bill against usage plans
  • License keys issued on plan activation, validated by SDK
  • Per-Application meter definitions with units + aggregation
  • Real-time meter dashboard in the panel
  • Per-user GDPR/DSAR JSON export + audit-log CSV export live; bulk user export planned

Developer experience

  • Typed SDKs: `@relipay/node`, `@relipay/react`, `@relipay/nextjs`
  • Operator MCP for your own tooling (`list_applications`, `list_payments`, `list_plans`, `get_payment_stats_by_app`, scoped `mint_api_key`), plus a separate read-only end-user MCP over OAuth 2.1
  • `@relipay/cli` — non-interactive, `--json` everywhere
  • Every error carries `code`, `message`, and `fix:`
  • `Idempotency-Key` header support on mutating endpoints — retry safely, never double-charge
  • A typed catalog of auth, billing, and dunning webhook events with a signature-verification helper
  • Per-application team roles — admin, billing-manager, and viewer grants for workspace members
  • OpenAPI spec served at `/docs` on every running instance
  • Operator panel built in Next.js — Cmd+K palette, onboarding checklist, audit-log CSV export
Pricing

Free to self-host (MIT licensed)

Run the whole stack yourself with one docker compose command. No per-MAU meter, no per-seat fee, unlimited Applications, Tenants, and end-users. The Postgres is yours. A hosted plan is on the way for teams who'd rather not run infra.

Free to self-host (MIT licensed) · public beta

Recommended

Self-host

Run the whole stack yourself. The recommended path today.

Free/self-host
  • Self-host Docker image + panel + SDKs
  • Unlimited Applications, Tenants, end-users
  • Bring your own Postgres + Redis
  • Bring your own Stripe / PayPal / Razorpay keys
  • Community support
  • MIT licensed

No per-MAU meter; the Postgres is yours

Try Now

Enterprise self-host

Self-host with a named support contact and roadmap input.

Custom/annual
  • Everything in Self-host
  • Named support contact
  • Custom auth providers — SAML, LDAP, SCIM (planned)
  • Early access to in-flight modules
  • Roadmap input
  • Available from v1.0

For teams that need a named contact

Get in touch

Prefer not to run the infra yourself? A hosted plan is on the way. See hosted pricing.

Common questions

If yours isn't here, ask through the contact form. This page gets updated from real questions.

Public beta. Self-host, the SDKs on npm, and the API are available today. The hosted plan isn't open yet; join the hosted waitlist. v1.0 finalizes hosted pricing. The license is settled: MIT.

Public beta

Run your auth and billing. Don't rent them.

ReliPay is in public beta. If you'd rather not glue two vendors together and reconcile them by hand, run it yourself or read the source first.

Public beta · run it yourself today · the source is public