FrontEgg sells speed: drop-in login boxes, an admin portal, and B2B primitives like organizations and roles. The pricing follows the same B2B SaaS pattern as the platforms it serves — a free tier to start, then usage-based pricing that climbs on multiple axes at once: monthly active users, SSO/SCIM connections, and machine-to-machine (M2M) tokens.
As of 2026, FrontEgg's published pricing estimator scales roughly like this:
| Plan | Price | What's included |
|---|
| Free | $0 | Up to 7,500 MAU to evaluate the platform |
| Pay as you go | Usage-based (≈$2,490/mo at 18,000 MAU, 15 SSO/SCIM connections, 190 M2M tokens) | Hosted login, 5 enterprise connections, unlimited orgs, custom domain |
| Enterprise | Custom | Add-ons, multiple environments, advanced fraud protection, 99.99% SLA |
The catch is the same one every per-MAU platform shares, multiplied across three axes. The pay-as-you-go bill rises with your monthly active users, with each additional SSO/SCIM connection, and with the volume of M2M tokens you issue — so success makes it more expensive on three fronts at once. And the most advanced capabilities — multiple environments, advanced fraud protection, and a 99.99% SLA — sit behind a custom Enterprise contract rather than a published price.
Keycloak provides the same B2B building blocks — multi-tenant organizations, fine-grained roles, SSO, and self-service flows (Phase Two maintains the widely used Organizations extension) — with no per-MAU charge, no per-connection metering, and no M2M token billing. Your cost tracks infrastructure, not signups.
Winner: Keycloak
With Phase Two managed hosting, growth in active users doesn't change your bill. See a side-by-side pricing estimate vs. FrontEgg.