Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

https://github.com/ssoready/ssoready

Open-source dev tools for enterprise SSO. Ship SAML + SCIM support this afternoon.
auth authentication authentication-middleware directory-sync saml saml-authentication saml-service-provider saml-sp-single-sign-on saml2 scim single-sign-on single-signin-api sso sso-api sso-authentication sso-login sso-solution

Last synced: 2 days ago
README

# SSOReady

We're building dev tools for implementing Enterprise SSO. You can use SSOReady to add SAML support to your product this
afternoon, for free, forever. You can think of us as an open source alternative to products like Auth0 or WorkOS.

* MIT-Licensed
* Self-hosted, or free at [app.ssoready.com](https://app.ssoready.com)
* Keeps you in control of your users database
* [Well-documented](https://ssoready.com/docs), straightforward implementation
* [Python](https://github.com/ssoready/ssoready-python) and
[TypeScript/Node.js](https://github.com/ssoready/ssoready-typescript) SDKs, more in development

## Documentation

For full documentation, check out https://ssoready.com/docs.

At a super high level, all it takes to add SAML to your product is to:

1. Sign up on [app.ssoready.com](https://app.ssoready.com) for free
2. From your login page, call the `getRedirectUrl` endpoint when you want a user to sign in with SAML
3. Your user gets redirected back to a callback page you choose, e.g. `your-app.com/ssoready-callback?saml_access_code=...`. You
call `redeemSamlAccessCode` with the `saml_access_code` and log them in.

Calling the `getRedirectUrl` endpoint looks like this in TypeScript:

```typescript
// this is how you implement a "Sign in with SSO" button
const { redirectUrl } = await ssoready.saml.getSamlRedirectUrl({
  // the ID of the organization/workspace/team (whatever you call it)
  // you want to log the user into
  organizationExternalId: "..."
});

// redirect the user to `redirectUrl`...
```

And `redeemSamlAccessCode` looks like this:

```typescript
// this goes in your handler for POST /ssoready-callback
const { email, organizationExternalId } = await ssoready.saml.redeemSamlAccessCode({
  samlAccessCode: "saml_access_code_..."
});

// log the user in as `email` inside `organizationExternalId`...
```

Check out [the quickstart](https://ssoready.com/docs) for the details spelled out more concretely. The whole point of
this project is to make enterprise SSO super obvious and easy.
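The callback step above can be sketched as a handler that scopes the session to the organization returned by `redeemSamlAccessCode`, not to anything the browser sent. This is an added example, not code from the SSOReady project: `SamlClient`, `fakeClient`, `knownOrgs` and `handleCallback` are hypothetical names, the stub stands in for the SDK so the block runs offline, and its error behaviour is an assumption.

```typescript
// Added example. Only the shape of redeemSamlAccessCode comes from the README above.
type Redeemed = { email: string; organizationExternalId: string };
interface SamlClient {
  redeemSamlAccessCode(req: { samlAccessCode: string }): Promise<Redeemed>;
}

// Constructed stand-in for the SDK client (assumption: unknown codes reject).
const fakeClient: SamlClient = {
  async redeemSamlAccessCode({ samlAccessCode }) {
    const table: Record<string, Redeemed> = {
      saml_access_code_good: { email: "Alice@Example.com", organizationExternalId: "org_1" },
      saml_access_code_stray: { email: "bob@example.org", organizationExternalId: "org_404" },
    };
    const hit = table[samlAccessCode];
    if (!hit) throw new Error("unknown access code");
    return hit;
  },
};

// Constructed application data: the organization IDs this app has set up for SSO.
const knownOrgs = new Set<string>(["org_1"]);

type Session = { email: string; orgId: string };

// Handler logic for /ssoready-callback. `params` holds the request parameters.
async function handleCallback(
  client: SamlClient,
  params: Record<string, string | undefined>
): Promise<Session | null> {
  const code = params["saml_access_code"];
  if (!code) return null; // no code, no login

  let redeemed: Redeemed;
  try {
    redeemed = await client.redeemSamlAccessCode({ samlAccessCode: code });
  } catch {
    return null; // redemption failed: do not create a session
  }

  // Trust only the organization the redemption returned. Any org hint in
  // `params` is attacker-controllable and is deliberately ignored.
  if (!knownOrgs.has(redeemed.organizationExternalId)) return null;

  // Normalize the email before using it as a lookup key in your users table.
  return { email: redeemed.email.toLowerCase(), orgId: redeemed.organizationExternalId };
}
```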

## Philosophy

We believe everyone that sells software to businesses should support enterprise
SSO. It's a huge security win for your customers.

The biggest problem with enterprise SSO is that it's way too confusing. Most
open-source SAML libraries are underdocumented messes. Every time I've tried to
implement SAML, I was constantly looking for someone to just tell me what in the
_world_ I was supposed to concretely do.

We believe that more people will implement enterprise SSO if you make it obvious
and secure by default. We are obsessed with giving every developer clarity and
security here.

Also, we believe randomly pumping up prices on security software like this is
totally unacceptable. MIT-licensing the software gives you insurance against us
ever doing that. Do whatever you want with the code. Fork us if we ever
misbehave.

## Reporting problems

Please feel welcome to use [GitHub issues](https://github.com/ssoready/ssoready/issues) or reach out directly at [email protected]. We want to know about any bugs you encounter, any features you'd like to request, or any questions you need answered.

We take security *extremely* seriously. If you become aware of any potential vulnerabilities, **please contact us immediately using [email protected]**. You will receive a response laying out next steps within 24 hours; in most cases, you should expect an immediate response. Do not open a GitHub issue. Do not post on any forums. If you feel unsure about whether something matters, know that we will be very grateful even for a false alarm.