Hello, XIVAuth.

XIVAuth is the last Lodestone code you'll ever need. Sign in to many services across the Final Fantasy XIV ecosystem with a single account.

Create your account Log in

XIVAuth is still under active development. Things should work overall, but there maybe be some rough edges and broken or weird UI. I'm still actively working on fixing all the problems, and I appreciate your patience as I make the user experience better. The backend and API are stable, meaning XIVAuth's core functionality should at least be reliable. Bug reports, support requests, and questions are welcome in the XIVAuth Discord.

Made for players

Get started with that cool new app faster. Skip the Lodestone code dance.

Registration Simplified

XIVAuth acts as your gateway to XIV community services. Just remember one password and never update your Lodestone page again.

Safety On Demand

Modern authentication keeps your characters and data safe without giving up convenience. MFA protect all your apps.

Privacy Built In

You decide what information to give an app. Share all your characters, just one, or none at all.

Built for devs

A turnkey authentication platform for FFXIV tools and websites.

Open source and committed to transparency.

Simple API

Leverage a handcrafted API designed to make developers happy. Work comfortably in native, web, and whatever else you can imagine.

Faster User Onboarding

Get players onboarded to your service quickly and efficiently. Reduce friction and simplify the player experience by letting them skip the annoying parts.

Auth Without Headaches™

No more reading RFCs to figure out how to add Passkey support, or hosting email servers just for password resets. We handle modern auth flows and security best practices for you.

Dedicated to Success

XIVAuth is on the cutting edge of the community, and we're here to help. Bug reports, integration support, and architecture advice are a message away.

By using XIVAuth, you agree to our Developer Agreement.

Security is in our DNA

XIVAuth is designed from the ground up to be secure. With a security engineer at the helm, we pretend to know what we're doing.

Security practices Privacy policy Moderation policy
  • Battle-tested tooling
    Security-related components are mature and well-defined.
  • Design best practices
    Default-deny and fail-fast design minimizes attack surface.
  • Transparent processes
    Open code and accessible devs mean internals are easy to inspect.
  • Strict no-Namazu policies
    Namazu discovered in the datacenter are forcibly removed, yes, yes.