Introducing Vercel Passport

Secure every internal agent, app, and deployment with your existing identity provider.

internal.vercel.sh

Forge-proof verification

After a user clears the gate, Passport gives the agent a signed JWT in the x-vercel-oidc-passport-token header. Read from your data source like Snowflake or Salesforce and your permissions apply to the real person, not a shared service account.

Authenticate Once. Control Everything.

Okta
Auth0
OIDC
MS Entra
Auth0
MS Entra
Okta
OIDC
OIDC
Auth0
MS Entra
Okta
OIDC
MS Entra
Okta
Auth0
Every deployment is gated by your identity provider. Authenticate with Okta, Auth0, or any OAuth 2.0 / OpenID Connect provider.
99+
Flat-rate pricing. Put Passport in front of every internal tool, agent, and app, and let the whole company in at no additional cost.
Passport
Visitors authenticate through your identity provider.
stylish-rogue
stylish-rogue
integrator-24.okta.com
caustic-bard
acme.okta.com
fleeting-necromancer
integrator-00.okta.com
Passport
Visitors authenticate through your identity provider.
stylish-rogue
stylish-rogue
integrator-24.okta.com
caustic-bard
acme.okta.com
fleeting-necromancer
integrator-00.okta.com
Never write a line of auth. Define access for your whole organization in one place while all agents and applications inherit.

Agent Stack

Core Platform

Tools

Learn

Build

Explore

Introducing Vercel Passport

Forge-proof verification

Authenticate Once. Control Everything.

Frequently asked questions

Introducing Vercel Passport

Forge-proof verification

Authenticate Once. Control Everything.

Frequently asked questions

[ 01 ]What is Vercel Passport?

[ 02 ]What problem does Vercel Passport solve?

[ 03 ]Which identity providers can I use?

[ 04 ]How does Vercel Passport work?

[ 05 ]How do I read a signed-in visitor's identity?

[ 06 ]Does Vercel Passport work with Vercel Connect?

[ 07 ]Does Vercel Passport work for agents too?

[ 08 ]What does Passport cost?