One organization, many trust surfaces.
Most identity platforms assume one company equals one sign-in surface. Real businesses run portfolios. A media company has three streaming services. A games studio has six titles. A holding company has a dozen consumer products.
Synq is built for that shape. Each brand under your org is its own trust surface, with separate sign-in theming, OAuth credentials, audience claims, and consent grants, all under one billing relationship and one engineering team.
Brand is the unit, organization is the container.
Each brand owns its scope vocabulary, theming, IdP credentials, and consent graph. The organization owns billing, members, and the brand catalog.
One org, many brands
Roll up your portfolio under a single organization. Each product launches as a brand with its own sign-in surface, theming, and provider credentials, with one team and one billing relationship.
Separate consent surfaces
Each brand owns its own consent ceremony. A user who signs in to Brand A has not signed in to Brand B. Identity stays portable; consent stays scoped.
Per-brand audience claims
Tokens carry an audience claim that maps to the brand the user authenticated against. Your backend enforces brand isolation by token validation, not bespoke routing.
Per-brand OAuth credentials
Each brand brings its own Google, Apple, Microsoft, and Discord OAuth credentials. The consent dialog matches the brand, not the parent company.
Brand-scoped user search
Your dashboard shows only the users who consented to that brand. Marketing teams operate per brand without leaking customer data across the portfolio.
Per-brand audit log
Every brand has its own audit log of sign-ins, consent grants, and admin changes. Compliance and incident response are scoped where they belong.
A user who signs in to Brand A has not signed in to Brand B.
In multi-brand identity, the user is the constant; consent is the variable. A single Synq account carries across brands so a user does not start over every time they touch a sister product. But each brand requires its own consent: the user signs in to ESPN, that does not give Disney+ a token.
This is the rule consumer-grade identity platforms ship; it is also the rule most B2B SSO platforms get wrong. Synq enforces it at the token layer, not at the application layer, so your engineers can ship without writing brand-isolation code.
- Audience claim per brand, validated at the token level
- Per-brand consent records, scoped to that brand only
- Per-brand sign-in surface and credentials
- One identity for the user, many trust relationships for the business
Run your whole portfolio on one identity layer.
Federation tier supports up to 10 brands. Authority is unlimited.