Skip to content

enterprise-oss/osso

main
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 
 
 
bin
 
 
 
 
 
 
 
 
db
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Osso is a source available microservice for adding SAML based SSO to your app. Deploy Osso to your infrastructure of choice, use the Osso Admin UI or osso-react to configure SAML for your customers that demand it, and sign them in to your application using OAuth with one of our OAuth client libraries, omniauth-osso or passport-osso.

osso
Build status

osso-rb
Build status

osso-react
Build status

omniauth-osso
Build status

passport-osso
Build status


Features

  • Treat SAML like OAuth: SAML is clunky, and you're probably already using OAuth. Osso provides an OAuth server, an Admin UI for managing OAuth clients, and OAuth client libraries for Ruby and NodeJS. Let Osso worry about the ugly SAML bits and customer configuration while your team focuses on your core application.

  • SAML Config in Osso's UI or yours: For every customer who demands SAML SSO, you'll need to go through a multistep process of creating a secure handshake between Osso and the customer's SAML provider. Get started quickly by configuring your customers' SAML providers in the Osso Admin UI, or allow your customers to perform configuration themselves in your UI with hooks and components from our React library osso-react.

  • Docs for everyone: SAML is an open specification, but each Identity Provider uses specific terminology and offers their own workflows for adding a new application. Osso generates PDF documentation with the data your customer needs to configure your app in any provider, and provides thorough documentation for your team who integrates and manages your Osso instance.

Get Started

Deploy

The fastest way to get started is to deploy to Heroku. Heroku will deploy your app, generating required ENV variables, and boostrapping your instance's database.

Deploy

We also offer paid hosted plans that can reduce the integration workload on your development team.

Git-based deploys are another recommended way to deploy and maintain your own Osso instance. Updates will primarily be made in osso-rb and osso-react, libraries that provide the core functionality, so be sure to stay on top of updates.

Consume OAuth

When a user wants to sign in to your application with SAML, send them to Osso with their email domain as part of an OAuth 2.0 authorization flow. Osso routes the user to their SAML provider, normalizes the payload, and sends them back to your application to complete the OAuth flow.

Use omniauth-osso or passport-osso for more convenience.

Documentation

Osso's primary documentation is at ossoapp.com. Key sections include:

  • Overview - Learn about Single Sign-On and SAML, why your customers want it and how to integrate it using Osso.
  • Quick start - A brief overview of a typical timeline for integrating Osso.
  • Deployment - Guides for deploying Osso to Heroku, via git or Docker, plus how to keep your instance up to date.
  • OAuth Setup - Authenticating SAML users to your application via OAuth.
  • Using Osso - A walk-through of the main functionality in our Admin UI.

Community

We'd be thrilled to receive community contributions, but please note that Osso is owned and managed by a for-profit company, EnterpriseOSS, and you will not be compensated for your contributions. The goal of the project is to provide boilerplate code that you can evaluate to be certain you're confident running it in production, lowering the cost of adding better security for your customers while staying off of the SSO Wall of Shame.

Open Source

Osso is developed and maintained by EntepriseOSS with a Business Source License. BSL is used by companies like Sentry and MariaDB. While not technically an open source license according to OSI, you are only prohibited from using Osso to compete with hosted Osso plans offered by EnterpriseOSS. See the full license text.

About

A Ruby OAuth microservice for SAML based authentication

Resources

License

Code of conduct

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published