Terms of Service

Last Updated: May 11, 2026

These Terms of Service ("Terms") govern access to and use of oneauth.in ("OneAuth", "we", "our", or "us"), including all authentication, authorization, identity, account linking, OAuth 2.0, OpenID Connect, API, and related services.

By accessing or using OneAuth, users, developers, organizations, and client applications agree to these Terms.

1. Services

OneAuth provides identity and authentication infrastructure including:

- OAuth 2.0 authorization services.
- OpenID Connect authentication services.
- Federated authentication and social login services.
- Multi-factor authentication services.
- Account linking and identity federation services.
- Token issuance and validation services.
- Identity and authorization APIs.
- Client application authorization and authentication infrastructure.

2. Eligibility

Users and organizations must comply with all applicable laws and regulations when using OneAuth.

Users are responsible for maintaining the security of their accounts, authentication methods, devices, and credentials.

3. Authentication and Account Security

Users may authenticate using supported third-party identity providers and authentication methods.

Users are responsible for:

- Maintaining access to linked authentication providers.
- Protecting multi-factor authentication devices and credentials.
- Maintaining the confidentiality of authentication information.
- Immediately reporting unauthorized access or suspicious activity.

OneAuth may require additional verification, multi-factor authentication, or identity confirmation for security purposes.

4. Linked Accounts

OneAuth allows users to link multiple authentication providers and accounts to a single OneAuth identity.

Users are solely responsible for ensuring they are authorized to link, manage, or use connected accounts.

OneAuth reserves the right to limit, suspend, or restrict account linking functionality for security, operational, or abuse prevention reasons.

5. Client Applications

Client applications integrating with OneAuth are responsible for:

- Protecting client credentials and secrets.
- Properly validating tokens and claims.
- Complying with applicable laws and platform requirements.
- Maintaining adequate security practices.
- Managing their own user data and authorization logic.
- Properly handling OAuth and OpenID Connect flows.

Client applications may only use OneAuth services for authorized and lawful purposes.

6. Tokens and Authorization

Tokens issued by OneAuth are intended only for authorized audiences and client applications.

Users and client applications may not:

- Forge or manipulate tokens.
- Attempt unauthorized access.
- Circumvent authentication or authorization mechanisms.
- Share client credentials improperly.
- Abuse refresh tokens or session mechanisms.
- Interfere with platform security controls.

7. Acceptable Use

Users and client applications may not use OneAuth for:

- Illegal activities.
- Fraudulent or deceptive practices.
- Unauthorized access or attacks.
- Malware distribution.
- Credential theft or phishing.
- Spam or abusive activity.
- Circumvention of security protections.
- Violations of third-party platform policies.

8. Third-Party Providers

OneAuth integrates with third-party identity providers, cloud providers, and external services.

Availability, functionality, and compatibility of third-party services may change without notice.

OneAuth is not responsible for:

- Third-party outages.
- Third-party account restrictions.
- Third-party policy changes.
- Third-party authentication failures.
- Third-party data handling practices.

9. Availability

OneAuth may modify, suspend, restrict, or discontinue any part of the service at any time without liability.

We do not guarantee uninterrupted availability, uptime, or error-free operation.

10. Security and Abuse Prevention

OneAuth may monitor activity, enforce rate limits, perform security checks, investigate abuse, and take protective actions to maintain service integrity and platform security.

We reserve the right to suspend, restrict, revoke, or terminate access where necessary for security, operational, legal, or abuse prevention reasons.

11. Data and Privacy

Use of OneAuth is also governed by the Privacy Policy and Cookie Policy. which are incorporated by reference into these Terms. By using OneAuth, users and client applications consent to the collection, use, and sharing of information as described in those policies. and those can be found at https://oneauth.in/privacy.html

Users and client applications acknowledge that authentication, authorization, security, and operational information may be processed as part of providing the service.

12. Intellectual Property

OneAuth, its software, branding, APIs, documentation, and platform components are protected by applicable intellectual property laws.

Except where expressly permitted, users and organizations may not copy, distribute, reverse engineer, or misuse platform components.

13. Disclaimer of Warranties

OneAuth is provided on an "as is" and "as available" basis without warranties of any kind, whether express or implied.

We disclaim all warranties including:

- Merchantability.
- Fitness for a particular purpose.
- Non-infringement.
- Availability.
- Security.
- Reliability.

14. Limitation of Liability

To the maximum extent permitted by law, OneAuth and its operators shall not be liable for any indirect, incidental, consequential, special, exemplary, or punitive damages arising from use of the service.

Users and organizations assume responsibility for their own implementations, integrations, security configurations, and operational usage.

15. Indemnification

Users and organizations agree to indemnify and hold harmless OneAuth and its operators from claims, damages, liabilities, losses, and expenses arising from misuse of the service, violations of these Terms, or unlawful activities.

16. Changes to Terms

We may update or modify these Terms at any time. Continued use of OneAuth after changes become effective constitutes acceptance of the updated Terms.

17. Termination

We reserve the right to suspend, revoke, or terminate access to OneAuth at any time for security, abuse prevention, operational, or legal reasons.

18. Contact

For legal, security, or service-related inquiries: Please visit our contact page.