Code-based nature means you can build on top of it to power anything.
Resources
DocumentationExamplesTemplatesGitHubBlog
Community
RoadmapDiscordCommunity Help
Payload Cloud

Deploy your entire stack in one place with Payload Cloud.

LoginCloud Pricing
It’s time to take back your content infrastructure.
Schedule a Demo
Enterprise Features
SSOPublishing WorkflowsVisual EditorStatic A/B testingAI features
Customer Stories
MicrosoftBlue OriginHello BelloMythical SocietyTekton
Featured Customer Story

Microsoft chose Payload to tell the world about AI.

Read the case study
New projectLogin
New projectLogin

Security at Payload

Security isn't just a feature—it's foundational to what Payload does as an open-source solution.

The open availability of our source code allows a diverse community of developers to address vulnerabilities, leading to a more secure and battle-tested product compared to SaaS alternatives.

Explore Docs

Optimizing Security in your Payload Environment

Payload provides a comprehensive range of security features designed to safeguard your data effectively.

Review Payload Docs
01

Single Sign-On (SSO)

SSO integrates with any SAML or OAuth 2.0 identity provider, and meets the requirements the highest enterprise security standards.

02

Authentication

Payload's user Auth is built on secure, HttpOnly cookies to protect from MITM (Man in the Middle) and XSS (cross site scripting) attacks.

03

Access Control

Deep access control down to the field level allows for granular management of data access and modification rights.

04

CSRF Prevention

Cross-Site Request Forgery (CSRF) prevention will verify the authenticity of each request to your API to prevent a malicious action.

05

Cross Origin Resource Sharing

You can determine a whitelist array of URLS to allow CORS requests from, or a wildcard string ('*') to accept incoming requests from any domain.

06

IP-Based Rate Limiting

To prevent DDoS, brute-force, and similar attacks, you can set IP-based rate limits via Payload's rateLimit property.

01

User Authentication

Authentication is used within the Payload Admin panel itself as well as throughout your app(s) themselves however you determine necessary.

Read the Docs
Authentication admin and external loginAuthentication admin and external login
02

Single Sign-On (SSO)

With Payload’s Single Sign-On solution, enterprise users can securely log in using their corporate credentials.

Screenshots of a list of users and a login dialog.Screenshots of a list of users and a login dialog.
03

Access Control

Upon the first login with corporate credentials, user profiles are automatically generated, effortlessly mapping permissions across teams, service lines, or entire departments, down to the individual employee.

Read the Docs
greyed out text fieldgreyed out text field

Schedule a demo—and start building.

The most innovative companies on earth are turning to Payload for mission-critical projects. Let us show you why.

Schedule a Demo