Enterprise SSO and identity federation is challenging. With Ory Polis, you avoid headaches and connect identity providers and directories within days rather than months.
Enterprise readiness for B2B SaaS apps
Ory Polis eliminates the need for technical expertise by providing a developer-friendly solution that lets companies meet enterprise requirements without diverting resources from core product development.
Organizational single sign-on
Integrate SAML using your favorite OAuth 2.0 or OpenID Connect libraries. Go from the first line of code to deployment in days, not months. No SAML expertise required, just a simple API that works with your existing authentication flow.
Self-serve onboarding
Provide enterprise IT teams with secure configuration portals to establish their identity connections without extensive technical coordination. Reduce implementation friction and accelerate time-to-value for both you and your customers.
Directory Sync
Simplify user management with SCIM-based provisioning that synchronizes accounts and groups automatically. Connect to corporate directories through a unified integration that eliminates manual user administration.
Ahmed Elkaffas
Founder
Seamless Enterprise SSO integration with the customer's existing infrastructure, and minimal effort from the customer side, was very important for us.
Ory Polis features at a glance
Organizations
Group users within your project, manage SSO connections, and enforce domain-based authentication that integrates with existing identity providers.
OIDC single sign-on
Establish multiple OpenID Connect (OIDC-based) single sign-on connections for each organization, configurable through the Ory Console and API interfaces.
SAML support
Connect with SAML-based identity providers such as Microsoft Entra ID, Microsoft ADFS, Okta, Auth0, Google Workspace, Ping Identity, and more.
SAML to OIDC bridge
Our bridge enables cross-protocol Identity Federation, enabling your app to use modern OIDC internally while still accepting SAML connections from enterprise customers.
Identity Provider discovery
Route users to their SSO provider based on email domain, eliminating manual selection steps for seamless authentication across B2B and B2B2C apps.
Flexible deployment
Deploy anywhere to meet regional data sovereignty and compliance requirements. Ory offers complete deployment flexibility whether self-hosted, private cloud, or on-premises
Deploy Ory Polis on your preferred infrastructure
Deploy on any infrastructure and take full control over your organizational and enterprise customer SSO.
...
const signIn = async () => {
// store the from url before redirecting ... we need this to correctly initialize the oauthClient after getting redirected back from SSO Provider.
localStorage.setItem(APP_FROM_URL, from);
// Initiate the login flow
await authClient?.fetchAuthorizationCode({
tenant,
product,
});
};
const signOut = async (callback: VoidFunction) => {
authClient?.reset();
setUser(null);
callback();
};
More on Ory Polis
Ory Acquires BoxyHQ: Introducing Ory Polis for Enterprise Single-Sign On
In a strategic move set to modernize the identity and access management landscape, Ory has acquired BoxyHQ and launched Ory Polis. Ory Polis addresses organizational identity needs across environments reliant on SAML and SCIM protocols. Previously known as BoxyHQ's Jackson, brings enterprise-ready single sign-on (SSO), directory synchronization, and self-service onboarding to organizations requiring robust B2B and B2B2C identity infrastructure.
SSO Building blocks - SAML, OAuth 2.0 and OpenID Connect
We have already covered SAML at a high level from both user and application provider points of view.
