SSOReady

We're building dev tools for implementing Enterprise SSO. You can use SSOReady to add SAML support to your product this afternoon, for free, forever. You can think of us as an open source alternative to products like Auth0 or WorkOS.

MIT-Licensed
Self-hosted, or free at app.ssoready.com
Keeps you in control of your users database
Well-documented, straightforward implementation
Python and TypeScript/Node.js SDKs, more in development

Documentation

For full documentation, check out https://ssoready.com/docs.

At a super high level, all it takes to add SAML to your product is to:

Sign up on app.ssoready.com for free
From your login page, call the getRedirectUrl endpoint when you want a user to sign in with SAML
Your user gets redirected back to a callback page you choose, e.g. your-app.com/ssoready-callback?saml_access_code=.... You call redeemSamlAccessCode with the saml_access_code and log them in.

Calling the getRedirectUrl endpoint looks like this in TypeScript:

// this is how you implement a "Sign in with SSO" button
const { redirectUrl } = await ssoready.saml.getSamlRedirectUrl({
  // the ID of the organization/workspace/team (whatever you call it)
  // you want to log the user into
  organizationExternalId: "..."
});

// redirect the user to `redirectUrl`...

And redeemSamlAccessCode looks like this:

// this goes in your handler for POST /ssoready-callback
const { email, organizationExternalId } = await ssoready.saml.redeemSamlAccessCode({
    samlAccessCode: "saml_access_code_..."
});

// log the user in as `email` inside `organizationExternalId`...

Check out the quickstart for the details spelled out more concretely. The whole point of this project is to make enterprise SSO super obvious and easy.

Philosophy

We believe everyone that sells software to businesses should support enterprise SSO. It's a huge security win for your customers.

The biggest problem with enterprise SSO is that it's way too confusing. Most open-source SAML libraries are underdocumented messes. Every time I've tried to implement SAML, I was constantly looking for someone to just tell me what in the world I was supposed to concretely do.

We believe that more people will implement enterprise SSO if you make it obvious and secure by default. We are obsessed with giving every developer clarity and security here.

Also, we believe randomly pumping up prices on security software like this is totally unacceptable. MIT-licensing the software gives you insurance against us ever doing that. Do whatever you want with the code. Fork us if we ever misbehave.

Reporting problems

Please feel welcome to use GitHub issues or reach out directly at [email protected]. We want to know about any bugs you encounter, any features you'd like to request, or any questions you need answered.

We take security extremely seriously. If you become aware of any potential vulnerabilities, please contact us immediately using [email protected]. You will receive a response laying out next steps within 24 hours; in most cases, you should expect an immediate response. Do not open a GitHub issue. Do not post on any forums. If you feel unsure about whether something matters, know that we will be very grateful even for a false alarm.

ssoready Goto Github PK

SSOReady

Documentation

Philosophy

Reporting problems

SSOReady's Projects

.github

conf

fern-config

prettyuuid

ssoready

ssoready-python

ssoready-typescript

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent