{"id":13507177,"url":"https://github.com/boxyhq/jackson","last_synced_at":"2025-04-23T20:49:22.772Z","repository":{"id":36967127,"uuid":"395891383","full_name":"boxyhq/jackson","owner":"boxyhq","description":"🔥 Streamline your web application's authentication with Jackson, an SSO service supporting SAML and OpenID Connect protocols. Beyond enterprise-grade Single Sign-On, it also supports Directory Sync via the SCIM 2.0 protocol for automatic user and group provisioning/de-provisioning. 🤩","archived":false,"fork":false,"pushed_at":"2025-04-21T08:53:04.000Z","size":54725,"stargazers_count":2018,"open_issues_count":32,"forks_count":177,"subscribers_count":15,"default_branch":"main","last_synced_at":"2025-04-21T09:42:04.667Z","etag":null,"topics":["enterprise-software","hacktoberfest","identity-access-management","javascript","next-auth","nextjs","nodejs","oidc","open-source","openid","openid-connect","saml","saml-authentication","saml-identity-provider","saml-service-provider","saml2","single-sign-on","sso","sso-authentication","typescript"],"latest_commit_sha":null,"homepage":"https://boxyhq.com/docs/jackson/overview","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/boxyhq.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2021-08-14T04:41:00.000Z","updated_at":"2025-04-21T08:47:09.000Z","dependencies_parsed_at":"2023-10-20T16:36:09.873Z","dependency_job_id":"1470d11b-7634-40e0-957f-25aa8fcabf93","html_url":"https://github.com/boxyhq/jackson","commit_stats":{"total_commits":1444,"total_committers":17,"mean_commits":84.94117647058823,"dds":0.5803324099722992,"last_synced_commit":"9916cfe274d5915cd2d7b09cf7bd489f2e338f3a"},"previous_names":[],"tags_count":194,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/boxyhq%2Fjackson","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/boxyhq%2Fjackson/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/boxyhq%2Fjackson/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/boxyhq%2Fjackson/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/boxyhq","download_url":"https://codeload.github.com/boxyhq/jackson/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250513781,"owners_count":21443204,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["enterprise-software","hacktoberfest","identity-access-management","javascript","next-auth","nextjs","nodejs","oidc","open-source","openid","openid-connect","saml","saml-authentication","saml-identity-provider","saml-service-provider","saml2","single-sign-on","sso","sso-authentication","typescript"],"created_at":"2024-08-01T02:00:26.112Z","updated_at":"2025-04-23T20:49:22.724Z","avatar_url":"https://github.com/boxyhq.png","language":"TypeScript","readme":"# SAML Jackson: Open Source Enterprise SSO And Directory Sync\n\n\u003ca href=\"https://bestpractices.coreinfrastructure.org/projects/7493\"\u003e\u003cimg src=\"https://bestpractices.coreinfrastructure.org/projects/7493/badge\" alt=\"OpenSSF Best Practices Badge\"\u003e\u003c/a\u003e\n\u003ca href=\"https://www.npmjs.com/package/@boxyhq/saml-jackson\"\u003e\u003cimg src=\"https://img.shields.io/npm/dt/@boxyhq/saml-jackson\" alt=\"NPM downloads badge\" \u003e\u003c/a\u003e\n\u003ca href=\"https://hub.docker.com/r/boxyhq/jackson\"\u003e\u003cimg src=\"https://img.shields.io/docker/pulls/boxyhq/jackson\" alt=\"Docker pull statistics badge\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/boxyhq/jackson/blob/main/LICENSE\"\u003e\u003cimg src=\"https://img.shields.io/github/license/boxyhq/jackson\" alt=\"Apache 2.0 license badge\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/boxyhq/jackson/issues\"\u003e\u003cimg src=\"https://img.shields.io/github/issues/boxyhq/jackson\" alt=\"Open Github issues badge\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/boxyhq/jackson/stargazers\"\u003e\u003cimg src=\"https://img.shields.io/github/stars/boxyhq/jackson\" alt=\"Github stargazers\"\u003e\u003c/a\u003e\n\u003ca href=\"https://www.npmjs.com/package/@boxyhq/saml-jackson\"\u003e\u003cimg src=\"https://img.shields.io/node/v/@boxyhq/saml-jackson\" alt=\"Nodejs version support badge\"\u003e\u003c/a\u003e\n\u003ca href=\"https://raw.githubusercontent.com/boxyhq/jackson/main/swagger/swagger.json\"\u003e\u003cimg src=\"https://img.shields.io/swagger/valid/3.0?specUrl=https%3A%2F%2Fraw.githubusercontent.com%2Fboxyhq%2Fjackson%2Fmain%2Fswagger%2Fswagger.json\" alt=\"Swagger Validator badge\"\u003e\u003c/a\u003e\n\nSAML Jackson bridges or proxies a SAML login flow to OAuth 2.0 or OpenID Connect, abstracting away all the complexities of the SAML protocol. It also supports Directory Sync via the SCIM 2.0 protocol for automatic user and group provisioning/de-provisioning.\n\n\u003e We now also support OpenID Connect providers.\n\n![A quick demo of the admin portal without sound to show an overview of what to expect. It shows features such as SSO, the ability to set up SSO connections, Setup Links, Directory sync, and more](samljackson480.gif)\n\n## Directory Sync\n\nSAML Jackson also supports Directory Sync based on the SCIM 2.0 protocol.\n\nDirectory sync helps organizations automate the provisioning and de-provisioning of their users. As a result, it streamlines the user lifecycle management process by saving valuable organizational hours, creating a single truth source of the user identity data, and facilitating them to keep the data secure.\n\nFor complete documentation, visit [boxyhq.com/docs/directory-sync/overview](https://boxyhq.com/docs/directory-sync/overview)\n\n## 🌟 Why star this repository?\n\nIf you find this project helpful, please consider supporting us by starring [the repository](https://github.com/boxyhq/jackson) and sharing it with others. This helps others find the project, grow the community and ensure the long-term health of the project. 🙏\n\n- [SAML Jackson: Open Source Enterprise SSO And Directory Sync](#saml-jackson-open-source-enterprise-sso-and-directory-sync)\n  - [Directory Sync](#directory-sync)\n  - [🌟 Why star this repository?](#-why-star-this-repository)\n  - [🚀 Getting Started with SAML Jackson](#-getting-started-with-saml-jackson)\n    - [Try A Demo](#try-a-demo)\n    - [Deploying SAML Jackson as a separate service locally](#deploying-saml-jackson-as-a-separate-service-locally)\n      - [Prerequisites](#prerequisites)\n      - [Clone the repository](#clone-the-repository)\n      - [Install dependencies](#install-dependencies)\n      - [Setup environment variables](#setup-environment-variables)\n      - [Database](#database)\n      - [Start the development server](#start-the-development-server)\n    - [Documentation](#documentation)\n    - [Easy Cloud Deployment](#easy-cloud-deployment)\n  - [Videos](#videos)\n  - [End-to-End (E2E) tests](#end-to-end-e2e-tests)\n  - [About BoxyHQ](#about-boxyhq)\n  - [Security And Observability](#security-and-observability)\n    - [Observability](#observability)\n    - [SBOM Reports (Software Bill Of Materials)](#sbom-reports-software-bill-of-materials)\n    - [Container Signing and Verification](#container-signing-and-verification)\n    - [🛡️ Reporting Security Issues](#️-reporting-security-issues)\n  - [Contributing](#contributing)\n  - [💫 Support](#-support)\n  - [📌 License](#-license)\n\n## 🚀 Getting Started with SAML Jackson\n\nThere are two ways to integrate SAML Jackson into an application. Depending on your use case, you can choose either of them. \u003cbr\u003e\n\n1. [As a separate service](https://boxyhq.com/docs/jackson/deploy/service) ([Next.js](https://nextjs.org/) application) This includes an admin portal out of the box for managing SSO and Directory Sync connections.\n2. [NPM library](https://boxyhq.com/docs/jackson/deploy/npm-library) as an embedded library in your application.\n\n### Try A Demo\n\n- Try our hosted demo showcasing the SAML service provider (SP) initiated [login flow here](https://saml-demo.boxyhq.com), which uses our [Mock SAML](https://mocksaml.com) IdP service.\n- Try an Identity Provider (IdP) initiated [login flow here](https://mocksaml.com/saml/login).\n\n### Deploying SAML Jackson as a separate service locally\n\nLet's get you to Hello SAML Jackson in no time.\n\n#### Prerequisites\n\n- [Node.js](https://nodejs.org/en) at version `18.14.2` or higher\n\n\u003e It is generally a good idea to install and maintain Node.js versions using a version manager like [nvm](https://github.com/nvm-sh/nvm) or [nvs](https://github.com/jasongin/nvs) on Windows. More [information is available here](https://schalkneethling.com/posts/installing-node-and-managing-versions).\n\n#### Clone the repository\n\n```bash\ngit clone https://github.com/boxyhq/jackson.git\ncd jackson\n```\n\n#### Install dependencies\n\n```bash\nnpm i\n```\n\n#### Setup environment variables\n\nCreate a `.env` from the existing `.env.example` file in the root of the project.\n\n```bash\ncp .env.example .env\n```\n\n\u003e **Environment variable documentation:** Have a look at \u003chttps://boxyhq.com/docs/jackson/deploy/env-variables\u003e for all of the available environment variables.\n\n#### Database\n\nFor the rest of the setup, we will use a PostgreSQL database. The easiest way to get PostgreSQL up and running on macOS is by using Postgres.app. You can download it from [https://postgresapp.com/](https://postgresapp.com/).\n\n\u003e For other operating systems and alternative options for MacOS, please see the [documentation available on the Prisma website](https://www.prisma.io/dataguide/postgresql/setting-up-a-local-postgresql-database).\n\n#### Start the development server\n\nInstead of running it locally you could also run `docker compose up` and run a specific version of Jackson. For running it locally continue to follow the instructions below.\n\nNow that we have our database running we can start the development server. But before we do, we need a way to log into the admin portal.\n\nTo log in to the admin portal we either need to [configure magic links](https://boxyhq.com/docs/admin-portal/overview#1-magic-links), or [enable username and password](https://boxyhq.com/docs/admin-portal/overview#2-email-and-password) login. The easiest one, and the one we will use, is to enable username and password login.\n\nIn your `.env` find the `NEXTAUTH_ADMIN_CREDENTIALS` environment variable. We need to provide an `email:password` combination that we can then use to log in to the admin portal. For example:\n\n```bash\nNEXTAUTH_ADMIN_CREDENTIALS=admin@example.com:password\n```\n\nNow we can start the development server:\n\n```bash\nnpm run dev\n```\n\nOpen `http://localhost:5225` in your browser and you should be redirected to the login screen.\n\nAt the login screen, you can now use the username and password you set in the `NEXTAUTH_ADMIN_CREDENTIALS` environment variable to log in. Click \"Sign In\" and you should be logged in and see the SSO Connections page with no configured connections. We have reached Hello SAML Jackson!\n\n### Documentation\n\nFor the full documentation, visit [boxyhq.com/docs/jackson/overview](https://boxyhq.com/docs/jackson/overview)\n\n### Easy Cloud Deployment\n\nDeploy SAML Jackson to the cloud with a single click using the following providers:\n\n[![Deploy with Vercel](https://vercel.com/button)](\u003chttps://vercel.com/new/clone?repository-url=https%3A%2F%2Fgithub.com%2Fboxyhq%2Fjackson\u0026env=DB_ENGINE,DB_TYPE,DB_URL,DB_ENCRYPTION_KEY,DB_TTL,DB_CLEANUP_LIMIT,JACKSON_API_KEYS,EXTERNAL_URL,IDP_ENABLED,SAML_AUDIENCE,CLIENT_SECRET_VERIFIER,SMTP_HOST,SMTP_PORT,SMTP_USER,SMTP_PASSWORD,SMTP_FROM,NEXTAUTH_URL,NEXTAUTH_SECRET,NEXTAUTH_ACL\u0026envDescription=DB%20configuration%20and%20keys%20for%20encryption%20and%20authentication.EXTERNAL_URL%20(Usually%20https%3A%2F%2F%3Cproject-name-from-above%3E.vercel.app)%20can%20be%20set%20after%20deployment%20from%20the%20project%20dashboard.Set%20to%20''%20if%20not%20applicable.\u0026envLink=https://boxyhq.com/docs/jackson/deploy/env-variables\u003e)\n[![Deploy](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy)\n\n## Videos\n\n- SSO/OIDC Tutorial [SAML Jackson Enterprise SSO](https://www.youtube.com/watch?v=nvsD4-GQw4A) (split into chapters to easily find what you are looking for)\n- SAML single sign-on login [demo](https://www.youtube.com/watch?v=VBUznQwoEWU)\n\n## End-to-End (E2E) tests\n\nCreate a `.env.test.local` file and populate the values. To execute the tests run:\n\n```zsh\nnpm run test:e2e\n```\n\n## About BoxyHQ\n\n\u003ca href=\"https://boxyhq.com/enterprise-sso\"\u003e\n\u003cpicture\u003e\n  \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://github.com/boxyhq/.github/assets/66887028/df1c9904-df2f-4515-b403-58b14a0e9093\"\u003e\n  \u003csource media=\"(prefers-color-scheme: light)\" srcset=\"https://github.com/boxyhq/.github/assets/66887028/e093a466-72ea-41c6-a292-4c39a150facd\"\u003e\n  \u003cimg alt=\"BoxyHQ - Security building blocks for developers\" src=\"https://github.com/boxyhq/jackson/assets/66887028/b40520b7-dbce-400b-88d3-400d1c215ea1\" height=\"auto\" width=\"400\" /\u003e\n\u003c/picture\u003e\n\u003c/a\u003e\n\nBoxyHQ is on a mission to democratize enterprise readiness for developers one building block at a time. We are building a suite of security building blocks that are easy to use and integrate into your applications. Our goal is to make being enterprise-ready accessible to all developers, founders, and those responsible for the security of their internal applications regardless of their security expertise.\n\n\u003ca href=\"https://twitter.com/BoxyHQ\"\u003e\u003cimg src=\"https://img.shields.io/twitter/follow/boxyhq?style=social\" alt=\"Follow us on Twitter/X\"\u003e\u003c/a\u003e\n\u003ca href=\"https://www.linkedin.com/company/boxyhq\"\u003e\u003cimg src=\"https://img.shields.io/badge/LinkedIn-blue\" alt=\"Connect with us on LinkedIn\"\u003e\u003c/a\u003e\n\nCommunity is core to our mission. We are building a community of developers, security enthusiasts, and founders who are passionate about security and building secure applications. We are building in the open and would love for you to join us on this journey.\n\nJoin the community on Discord today.\n\n\u003ca href=\"https://discord.gg/uyb7pYt4Pa\"\u003e\u003cimg src=\"https://img.shields.io/discord/877585485235630130\" alt=\"Join the community on Discord\"\u003e\u003c/a\u003e\n\n## Security And Observability\n\n### Observability\n\nWe support first-class observability on the back of OpenTelemetry, refer [here](https://boxyhq.com/docs/jackson/observability) for more details.\n\n### SBOM Reports (Software Bill Of Materials)\n\nWe support SBOM reports, refer [here](https://boxyhq.com/docs/jackson/sbom) for more details.\n\n### Container Signing and Verification\n\nWe support container image verification using cosign, refer [here](https://boxyhq.com/docs/jackson/container-signing) for more details.\n\n### 🛡️ Reporting Security Issues\n\n[Responsible Disclosure](SECURITY.md)\n\n## Contributing\n\nThank you for your interest in contributing to SAML Jackson! We are excited to welcome contributions from the community. Please refer to our [contributing guidelines](CONTRIBUTING.md) for more information.\n\n## 💫 Support\n\nReach out to the maintainers at one of the following places:\n\n- [GitHub Discussions](https://github.com/boxyhq/jackson/discussions)\n- [GitHub Issues](https://github.com/boxyhq/jackson/issues)\n- [Discord](https://discord.gg/uyb7pYt4Pa)\n\n## 📌 License\n\n[Apache 2.0 License](https://github.com/boxyhq/jackson/blob/main/LICENSE)\n","funding_links":[],"categories":["Projects using `@faker-js/faker`","Development Products","TypeScript","open-source"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fboxyhq%2Fjackson","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fboxyhq%2Fjackson","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fboxyhq%2Fjackson/lists"}