MYPASS Elite
Enterprise MFA Platform

Every Feature You Need to Secure Modern Apps

Push MFA, iOS password manager, APNs authenticator, zero-trust audit logs — all in one API. No SMS. No TOTP seeds. Just cryptographically secure, user-friendly authentication.

Start free Read the docs
Push MFA
Password Manager
APNs Authenticator
Zero Trust
Webhooks
Audit Logs
Secret Rotation
Multi-Tenant

Platform Features

Built for security engineers, delivered as a simple REST API.

Core

Push MFA (iOS & Android)

Deliver one-tap MFA challenges directly to your users' iOS and Android devices via native push notifications. No SMS codes to intercept—no TOTP seeds to steal.

  • Silent push via APNs (Apple Push Notification service) & FCM
  • Real-time approve / deny with biometric confirmation
  • Geo-tagged sessions with IP address logging
  • Signed push payloads prevent relay attacks
  • Sub-second delivery with automatic retry & expiry
terminal
curl -X POST https://api.example.com/api/v1/mfa/send \
  -H "X-Client-ID: your_client_id" \
  -H "X-Client-Secret: your_client_secret" \
  -H "Content-Type: application/json" \
  -d '{
    "user_ref": "usr_001",
    "message": "Login from 192.168.1.1 — approve?"
  }'
iOS

iOS Password Manager Extension

MYPASS Elite ships an AutoFill Credential Provider extension for iOS. Your enterprise apps can inject credentials directly into the iOS credential store — zero clipboard exposure.

  • ASCredentialProviderViewController integration
  • On-device encryption — credentials never leave the device unencrypted
  • Face ID / Touch ID gate before AutoFill
  • Supports password + passkey (FIDO2) entries
  • Admin-controlled credential provisioning via REST API
iOS

APNs Authenticator (iOS)

Register iOS devices with your own Apple Developer APNs credentials. MYPASS Elite uses your team's APNs key so notifications arrive under your app bundle — branded, trusted.

  • Bring-your-own APNs .p8 key — stored AES-256 encrypted
  • Supports both sandbox and production environments
  • Device enrolment flow via QR code or deep-link
  • Multi-device per user — each device tracked & revocable
  • Token refresh handled automatically
Security

Zero-Trust Access Control

Every authentication decision is logged, signed, and auditable. MYPASS Elite follows a trust-nothing principle — each factor, device, and session is verified independently.

  • Immutable audit log for every MFA event
  • Device fingerprinting (device_id, platform, OS version)
  • Session status: pending / approved / denied / expired / cancelled
  • Webhook callbacks to your SIEM or SOAR in real time
  • Failed attempt throttling and automatic lockout policies
Integration

Webhook & Event Integration

Get instant callbacks on every authentication event. Integrate MYPASS Elite with any SIEM, ticketing system, or custom workflow with a signed HMAC webhook.

  • HMAC-SHA256 signed payloads — verify authenticity server-side
  • Event mfa.response (status: approved/denied in payload); polling for expired/cancelled
  • Configurable retry with exponential back-off
  • Webhook secret rotation without service interruption
  • Delivery receipt tracking in audit logs
terminal
// Verify webhook signature in your receiver
const sig = req.headers['x-mypass-signature'];
const expected = 'sha256=' + hmac('sha256', webhookSecret, rawBody);
if (!timingSafeEqual(sig, expected)) return res.status(401).end();

const event = req.body; // { event, session_ref, status, ... }
Platform

Multi-Tenant REST API

The MYPASS Elite API is built for SaaS platforms and enterprises operating at scale. One API key pair manages unlimited end-users under your tenant.

  • Client-ID + Client-Secret authentication (rotate without downtime)
  • Tenant-scoped user & device namespacing
  • Rate limits aligned to plan tier (Free → Enterprise)
  • OpenAPI 3.0 specification + Swagger UI at /docs
  • JWT-based session auth for the management portal

How MYPASS Compares

Push MFA is categorically more secure than SMS OTP or TOTP apps.

FeatureMYPASS EliteSMS OTPTOTP App
Push MFA (In-App)
Biometric gate (FaceID/TouchID)
MITM & SIM-swap resistant
iOS Password Manager extension
Bring-your-own APNs key
Signed webhook callbacks
Device-level revocation
Immutable audit log
REST API + OpenAPI docs
Multi-tenant management

Ready to ditch SMS 2FA?

Get your API credentials in 2 minutes. Free plan — no credit card required.

Create free account Talk to sales