· Explore the docs »
· SaaS Early Access »

⭐️ SAML Jackson: Enterprise SSO made simple

🚀 Getting Started with SAML Jackson

Please star ⭐ the repo to support us! 😀

Streamline your web application's authentication with Jackson, an SSO service supporting SAML and OpenID Connect protocols. Beyond enterprise-grade Single Sign-On, it also supports Directory Sync via the SCIM 2.0 protocol for automatic user and group provisioning/de-provisioning.

There are two ways to integrate SAML Jackson into an application. Depending on your use case, you can choose either of them.

1. separate service (Next.js application) Admin Portal out of the box for managing SSO and Directory Sync connections.
2. NPM library as an embedded library in your application.

SAML/OIDC SSO service

Jackson implements the SAML login flow as an OAuth 2.0 or OpenID Connect flow, abstracting away all the complexities of the SAML protocol. Integrate SAML with just a few lines of code. We also now support OpenID Connect providers.

Try our hosted demo showcasing the SAML SP login flow here, no SAML configuration required thanks to our Mock SAML service.

🎦 Videos

• SSO/OIDC Tutorial SAML Jackson Enterprise SSO (split into chapters to easily find what you are looking for)
• SAML single sign-on login demo

✨ Demo

• SAML IdP login flow showcasing self hosted Mock SAML
• SAML demo flow

Here is what deploying SSO looks like with and without BoxyHQ

Documentation

For full documentation, visit boxyhq.com/docs/jackson/overview

Directory Sync

SAML Jackson also supports Directory Sync based on the SCIM 2.0 protocol.

Directory sync helps organizations automate the provisioning and de-provisioning of their users. As a result, it streamlines the user lifecycle management process by saving valuable organizational hours, creating a single truth source of the user identity data, and facilitating them to keep the data secure.

For complete documentation, visit boxyhq.com/docs/directory-sync/overview

Observability

We support first-class observability on the back of OpenTelemetry, refer here for more details.

SBOM Reports (Software Bill Of Materials)

We support SBOM reports, refer here for more details.

Container Signing and Verification

We support container image verification using cosign, refer here for more details.

Development Setup

Database

To get up and running, we have a docker-compose setup that will spawn all the supported databases. Ensure that the docker daemon is running on your machine and then run: npm run dev-dbs. In case you need a fresh start, destroy the docker containers using: npm run dev-dbs-destroy and run: npm run dev-dbs.

Development server

Copy the .env.example to .env.local and populate the values. Have a look at https://boxyhq.com/docs/jackson/deploy/env-variables for the available environment variables.

Run the dev server:

# Install the packages
npm install
# Start the server
npm run dev

End-to-End (E2E) tests

Create a .env.test.local file and populate the values. To execute the tests run:

npm run test:e2e

🖳 Contributing

Thanks for taking the time to contribute! Contributions are what make the open-source community such an amazing place to learn, inspire, and create. Any contributions you make will benefit everybody and are appreciated.

Please try to create bug reports that are:

• Reproducible. Include steps to reproduce the problem.
• Specific. Include as much detail as possible: which version, what environment, etc.
• Unique. Do not duplicate existing opened issues.
• Scoped to a Single Bug. One bug per report.

💫 Support

Reach out to the maintainers at one of the following places:

• GitHub Discussions
• GitHub Issues (Bug reports, Contributions)

🤩 Community

• Discord (For live discussion with the Open-Source Community and BoxyHQ team)
• Twitter (Follow us)
• Youtube (Watch community events and tutorials)

🛡️ Reporting Security Issues

Responsible Disclosure

📌 License

Apache 2.0 License