Know every app your team logs into.

AuthBeacon is a lightweight browser extension that discovers login pages across your organization. Full visibility into shadow IT — no agents, no proxies, no traffic inspection.

Get Started Free See How It Works
Self-hosted Multi-tenant Privacy-first

The Problem

Your employees use more apps than you think.

The average organization has 3x more SaaS applications than IT knows about. Unmanaged apps create security gaps, compliance risks, and redundant spending. Most discovery tools require network proxies, endpoint agents, or CASB solutions that are expensive and invasive.

70%
of SaaS apps are shadow IT
$1,295
avg. wasted per employee/year on duplicate tools
56%
of security incidents involve unmanaged apps

How It Works

Three steps. Zero complexity.

1

Deploy the Extension

Install on Chrome or Edge. Push silently to your fleet via Group Policy or Intune. IT configures the API key — end users don't need to do anything.

2

Detect Login Pages

The extension passively scans for password fields in the DOM. When one is found, it reports the page URL and title — nothing else. No passwords, no form data, no browsing history.

3

Review Your Inventory

Your dashboard shows every discovered application, who's using it, SSO coverage, and trends over time. Export to CSV or XLSX for compliance reporting.

Features

Everything you need for app discovery.

Passive Detection

Scans the DOM for password fields. No traffic interception, no proxy, no man-in-the-middle. Works on any page, including SPAs with dynamic login forms.

Multi-Tenant Platform

Isolated data per organization. Multiple companies on a single instance. Tenant-scoped API keys, member management, and role-based access control.

SSO & Authentication

Sign in with email or enterprise SSO via OpenID Connect. Auto-provision users by email domain. Supports Azure AD, Okta, Google Workspace, and more.

User & Device Tracking

Know which users and devices are accessing which applications. Each sighting captures device ID, user email, browser, and OS for full attribution.

Dashboard & Reporting

Real-time overview with summary cards, top domains, trend charts, and recent discoveries. Export your full app inventory to CSV or XLSX.

Enterprise Deployment

Push extension config silently via Chrome/Edge managed policy. No end-user setup required. Works with Group Policy, Intune, and Jamf.

SSO Discovery

See which apps support SSO — and which don't.

AuthBeacon includes a catalog of 100+ known SSO-capable applications. Every discovered app is automatically matched against the catalog and labeled with its SSO status.

SSO Active
Your admin has confirmed this app is using SSO in your org.
SSO Capable
The app supports SSO (SAML/OIDC) but hasn't been confirmed by your org.
Unknown
Not in the catalog. Could be an internal tool, niche SaaS, or shadow IT.
SSO Review Dashboard
Slack
slack.com · Collaboration
SSO Active
Figma
figma.com · Design
SSO Capable
internal-tools.corp
Not in catalog
Unknown
GitHub
github.com · Development
SSO Active

Privacy & Security

Built for enterprise trust.

Self-Hosted

Your data stays on your infrastructure. We never see, touch, or process your discovery data.

No Credentials Captured

Only detects the presence of password fields. Never reads, captures, or transmits passwords or form data.

Encrypted in Transit

All communication between the extension and your server uses HTTPS. API keys are SHA-256 hashed.

Audit Logging

Every API key creation, member change, and SSO override is logged with user, tenant, IP, and timestamp.

Ready to discover your shadow IT?

Deploy in minutes. No agents, no proxies, no complexity.

Get Started Free Contact Sales