Signward

Signward is a Hungarian identity-as-a-service (IDaaS) provider built specifically for small teams of roughly 5 to 500 users. It handles the authentication and identity layer that most applications need - single sign-on, multi-factor authentication, user management - and does so from within the European Union with a GDPR-first posture. For European developers and small businesses who want an Auth0-style experience without sending their identity data outside the EU, Signward is a focused, well-scoped option.

EU-Built and EU-Hosted

Signward is a European company based in Hungary, and it runs on Microsoft Azure's EU regions within Microsoft's EU Data Boundary. It's worth being precise here: this means the service is operated by an EU company and your identity data is stored and processed inside the EU, though the underlying cloud infrastructure is Microsoft Azure rather than a European hyperscaler. For most teams whose priority is EU data residency and a European vendor relationship, this is a strong setup; for organisations seeking a fully sovereign, non-US infrastructure stack, the Azure dependency is worth noting.

On compliance, Signward ships a full GDPR stack rather than treating it as an afterthought: a signed Data Processing Agreement (DPA), built-in consent management, data export, and tenant deletion. These are exactly the capabilities a European business needs to satisfy its own GDPR obligations, and having them included by default removes a lot of the legwork that comes with US-based identity providers.

Authentication Features in Every Plan

One of Signward's most appealing decisions is that it does not gate core security behind higher tiers. SSO, custom domains, passkeys (WebAuthn/FIDO2), TOTP-based MFA, custom branding, webhooks, API keys and audit logs are all included in every plan. This is notable because passkeys and SSO - features that established competitors often reserve for expensive enterprise tiers - are available to the smallest customer here.

Passkey support (WebAuthn/FIDO2) is particularly welcome, as passwordless, phishing-resistant authentication is rapidly becoming the security baseline. Combined with TOTP MFA and audit logs in every tier, Signward gives even a five-person team a genuinely modern security foundation without forcing an upgrade.

Developer Experience

Signward implements standard OpenID Connect (OIDC) and OAuth 2.0, which means integration follows well-understood patterns rather than a proprietary scheme - an important consideration both for speed of integration and for avoiding lock-in. It provides MIT-licensed SDKs for .NET, Python, JavaScript and PHP, covering the most common stacks for the small-to-mid-sized teams it targets. Documentation lives at developer.signward.com.

The MIT licensing of the SDKs is a thoughtful touch: while Signward itself is not open source, the client libraries are permissively licensed, so teams can read, adapt and trust the code they embed in their own applications. Standard OIDC also means that if a team ever needs to migrate, the protocol-level work transfers to another compliant provider.

AI Anomaly Detection and Security Reporting

From the Standard plan upward, Signward adds AI-based anomaly detection to flag unusual sign-in behaviour - a useful layer of automated threat detection that smaller teams rarely have the resources to build themselves. The Pro plan goes a step further with a weekly, plain-language security report, translating account activity and risk signals into something a non-specialist owner or manager can actually read and act on.

This plain-language reporting reflects Signward's small-team focus well. Rather than burying security in dashboards aimed at full-time security engineers, it surfaces the important signals in accessible form - appropriate for the businesses that are its core audience.

Pricing

Signward uses flat per-user pricing of roughly 3 to 5 euros per user per month, with a 30-day free trial. Crucially, there is no per-MAU (monthly active user) billing. Anyone who has been surprised by an identity provider's bill knows why this matters: MAU-based pricing can spike unpredictably as an application grows, whereas flat per-user pricing is predictable and easy to budget. For a small team, knowing your identity costs in advance is a real advantage.

You can see how Signward frames itself against the incumbent on its Auth0 comparison page, and review its security posture on the security and trust page.

Pros and Cons

In the spirit of presenting Signward accurately rather than overselling it, here is a balanced summary:

Pros:

• EU-built and EU-hosted, with a GDPR-first design (signed DPA, consent management, data export, tenant deletion)
• Flat per-user pricing with no MAU surprises - predictable and budget-friendly
• Passkeys, MFA and SSO included in every tier, not gated behind enterprise plans
• Quick integration via standard OIDC/OAuth 2.0 and MIT-licensed SDKs for .NET, Python, JavaScript and PHP

Cons:

• Young product, with a public launch in 2026 and a limited track record so far
• Focused on small teams (5-500 users), not built for enterprise scale
• No inbound SAML / enterprise federation yet
• Not open source (though the SDKs are MIT-licensed) and hosted on Microsoft Azure rather than a European hyperscaler

Who Should Use Signward

Signward is an excellent fit for European startups, small businesses and development teams that want a modern, GDPR-first identity provider without enterprise complexity or unpredictable MAU bills. If you're building on .NET, Python, JavaScript or PHP and want SSO, passkeys and MFA working quickly via standard OIDC, Signward is genuinely easy to adopt. Teams that need inbound SAML federation, enterprise-scale deployments, or a fully open-source, non-US-cloud stack should look at more mature options such as Keycloak or Zitadel. But for its target audience - small EU teams that want to keep identity data in Europe with predictable costs - Signward is a strong, well-judged newcomer.