Hello, XIVAuth.

XIVAuth is the last Lodestone code you'll ever need. Sign in to many services across the Final Fantasy XIV ecosystem with a single account.

Create your account Log in

XIVAuth is still under active development. Things should work overall (mostly), but there may be some rough edges, broken/weird areas of the UI, or hastily-deployed AI slop in parts of the frontend (like this very page). I do promise the actual backend features work, though. Bug reports, support requests, and questions are welcome in the XIVAuth Discord.

Made for players

Sign in faster. Share less. Keep control of your characters and your data.

Sign In: Simplified

Your XIVAuth account becomes your key to many community services. No more remembering multiple passwords.

Safety: On Demand

Protect everything with modern authentication methods. Passwordless sign-in, MFA, and more.

Privacy: In Your Hands

Decide what information to share with each service. Nothing more, nothing less.

Built for devs

A turnkey authentication platform for FFXIV tools and websites.

Open source and committed to transparency.

Simple API

Leverage a handcrafted API designed to make developers happy. Work comfortably in native, web, and whatever else you can imagine.

Lodestone as a Service

Stop worrying about parsing, retry logic, and edge cases. XIVAuth verifies characters so you can focus on the cool parts of your project.

Auth Without Headaches™

No more reading RFCs to figure out how to add Passkey support, or hosting email servers just for password resets. We handle modern auth flows and security best practices for you.

Blazing fast integration

Ever implemented Discord sign-in? You’ll feel right at home. Familiar patterns, minimal config, maximum velocity. And if things go wrong, help is just a message away.

By using XIVAuth, you agree to our Developer Agreement.

Security in our DNA buffDNA

We collect the minimum necessary data and give users clear controls. Our security practices are documented and continuously improved.

Security practices Privacy policy
  • Strong data protection
    JWT key material rotates regularly, and IDs are cryptographically secure.
  • Access control at every level
    Access control checks are built into every feature of XIVAuth.
  • Transparent processes
    Open code and accessible devs mean internals are easy to inspect.
  • Strict no-Namazu policies
    Namazu discovered in the datacenter are forcibly removed, yes, yes.