/ssoready

Open-source dev tools for enterprise SSO. Ship SAML support this afternoon.

Primary LanguageTypeScriptMIT LicenseMIT

SSOReady

We're building dev tools for implementing Enterprise SSO. You can use SSOReady to add SAML support to your product this afternoon, for free, forever. You can think of us as an open source alternative to products like Auth0 or WorkOS.

Documentation

For full documentation, check out https://ssoready.com/docs.

At a super high level, all it takes to add SAML to your product is to:

  1. Sign up on app.ssoready.com for free
  2. From your login page, call the getRedirectUrl endpoint when you want a user to sign in with SAML
  3. Your user gets redirected back to a callback page you choose, e.g. your-app.com/ssoready-callback?saml_access_code=.... You call redeemSamlAccessCode with the saml_access_code and log them in.

Calling the getRedirectUrl endpoint looks like this in TypeScript:

// this is how you implement a "Sign in with SSO" button
const { redirectUrl } = await ssoready.saml.getSamlRedirectUrl({
  // the ID of the organization/workspace/team (whatever you call it)
  // you want to log the user into
  // make sure authorization code is assigned to "SSOREADY_API_KEY" env variable for ssoReady to pick it.
  organizationExternalId: "..."
});

// redirect the user to `redirectUrl`...

And redeemSamlAccessCode looks like this:

// this goes in your handler for POST /ssoready-callback
const { email, organizationExternalId } = await ssoready.saml.redeemSamlAccessCode({
    samlAccessCode: "saml_access_code_..."
});

// log the user in as `email` inside `organizationExternalId`...

Check out the quickstart for the details spelled out more concretely. The whole point of this project is to make enterprise SSO super obvious and easy.

Philosophy

We believe everyone that sells software to businesses should support enterprise SSO. It's a huge security win for your customers.

The biggest problem with enterprise SSO is that it's way too confusing. Most open-source SAML libraries are underdocumented messes. Every time I've tried to implement SAML, I was constantly looking for someone to just tell me what in the world I was supposed to concretely do.

We believe that more people will implement enterprise SSO if you make it obvious and secure by default. We are obsessed with giving every developer clarity and security here.

Also, we believe randomly pumping up prices on security software like this is totally unacceptable. MIT-licensing the software gives you insurance against us ever doing that. Do whatever you want with the code. Fork us if we ever misbehave.

Reporting problems

Please feel welcome to use GitHub issues or reach out directly at founders@ssoready.com. We want to know about any bugs you encounter, any features you'd like to request, or any questions you need answered.

We take security extremely seriously. If you become aware of any potential vulnerabilities, please contact us immediately using security-contact@ssoready.com. You will receive a response laying out next steps within 24 hours; in most cases, you should expect an immediate response. Do not open a GitHub issue. Do not post on any forums. If you feel unsure about whether something matters, know that we will be very grateful even for a false alarm.