Flagsmith vs Stytch
Open-source feature flags + remote config — SaaS, private cloud, self-host
vs. Authentication platform for B2C and B2B
Pricing tiers
Flagsmith
Free
$0. 50,000 API requests/mo. 1 team member. Unlimited flags. Community support.
Free
Self-hosted
$0 (OSS). Host yourself via Docker/K8s. Fair-source license (non-compete).
$0 base (usage-based)
Start-up
$40/mo. 1,000,000 API requests/mo. 3 team members. Standard support.
$40/mo
Scale-up
$200/mo. 5,000,000 API requests. 10 team members. Priority support + SLA.
$200/mo
Enterprise
Custom. Unlimited API requests, SSO, SAML, RBAC, audit logs, on-prem.
Custom
Stytch
Free
10,000 MAU. Unlimited orgs. 5 SSO/SCIM connections. 1,000 M2M tokens. 10,000 fraud fingerprints. Full auth suite.
Free
Pay as you go
Usage-based after free allowances. Volume discounts for high MAU.
$0 base (usage-based)
Enterprise
Custom. 99.99% SLA, private Slack, migration assistance, HIPAA/BAA.
Custom
Free-tier quotas head-to-head
Comparing free on Flagsmith vs free on Stytch.
| Metric | Flagsmith | Stytch |
|---|---|---|
| fraud fingerprints included | — | 10000 fingerprints/month |
| m2m tokens included | — | 1000 tokens |
| mau included | — | 10000 users/month |
| organizations | — | unlimited orgs |
| sso connections included | — | 5 conns |
Features
Flagsmith · 14 features
- A/B Testing — Multivariate flag splits.
- Audit Log — Full history of flag changes.
- Change Requests — Approval workflow for flag changes.
- Edge API — Global low-latency flag eval.
- Feature Flags — Boolean + multivariate + JSON flags.
- Local Evaluation — Server SDKs eval flags locally — no per-req API call.
- Percentage Rollouts — Gradual traffic ramp.
- Remote Config — Non-boolean config values.
- Role-Based Access — Fine-grained permissions.
- Scheduled Flags — Time-based flag changes.
- Segments — Rule-based targeting.
- Self-Hosting — Docker/Helm install.
- SSO + SAML — Enterprise SSO.
- Webhooks — Outbound event streaming.
Stytch · 15 features
- B2B Auth — Multi-tenant auth: organizations, roles, JIT provisioning, enterprise SSO, SCIM.
- B2C Auth — Consumer auth: passwordless (magic links, OTP), passwords, OAuth, passkeys, WebA…
- Device Fingerprinting — Fingerprint devices at signup/login. Block bots, credential stuffing, and ATO at…
- Device-Fingerprint Risk API — Real-time risk scoring API usable even without full auth.
- Enterprise SSO (OIDC) — OIDC SSO per organization.
- Enterprise SSO (SAML) — SAML 2.0 SSO per organization. Self-serve admin portal.
- JIT Provisioning — Auto-create users in an org on first SSO sign-in.
- Machine-to-Machine — Client-credentials OAuth for service-to-service.
- OAuth / Social — Google, Apple, Microsoft, GitHub, Slack, Discord, Facebook, LinkedIn, Amazon, Bi…
- Organizations — Multi-tenant primitive with policies per org.
- Passkeys (WebAuthn) — FIDO2 passkey enrollment and authentication.
- Passwordless — Magic links (email) + OTP (email/SMS/WhatsApp) + embeddable magic links.
- RBAC — Roles and permissions per organization (B2B).
- SCIM Provisioning — Directory user/group provisioning from Okta, Azure, Google Workspace.
- Sessions — JWT or opaque session tokens. Configurable lifetime.
Developer interfaces
| Kind | Flagsmith | Stytch |
|---|---|---|
| CLI | Flagsmith CLI | — |
| SDK | flagsmith-android, flagsmith-go, flagsmith-ios, flagsmith-java, flagsmith-js (browser), flagsmith-nodejs, flagsmith-python, flagsmith-ruby | Android SDK, Go backend SDK, iOS SDK, Java backend SDK, JavaScript SDK, Next.js SDK, Node backend SDK, Python backend SDK, React SDK, Ruby backend SDK |
| REST | Flagsmith REST API | B2B API, B2C API |
| OTHER | Flagsmith Dashboard, Flagsmith Webhooks | — |
Staxly is an independent catalog of developer platforms. Outbound links to Flagsmith and Stytch are plain references to their official websites. Pricing is verified against vendor pages at publication time — reconfirm before buying.
Want this comparison in your AI agent's context? Install the free Staxly MCP server.