Back to all products

    Close deals, not tickets.

    Enterprise SSO that ships in an afternoon. SAML is built in, not bolted on.

    Free up to 2,000 MAU

    Security questionnaire

    SAML 2.0 supportBuilt-in
    IdP-initiated flowBuilt-in
    SP-initiated flowBuilt-in
    Tenant isolationBuilt-in
    Per-tenant IdP configBuilt-in
    Assertion validationBuilt-in
    Controlled rolloutBuilt-in
    Audit loggingBuilt-in

    Every line item your buyer asks about. Already handled.

    Three steps. That's it.

    Configure, test, ship. Each step is one SDK call.

    Step 01Configure

    Point your tenant at their identity provider. One call.

    await authaz.sso.saml.configureTenant({
  tenantId: "org_123",
  mode: "idp_and_sp_initiated",
  entityId: "https://acme.authaz.io/saml",
  acsUrl: "https://app.acme.com/saml/callback",
});
    Step 02Test

    Validate both flows before going live. Built-in dry run.

    const result = await authaz.sso.saml.testConnection({
  tenantId: "org_123",
  flow: "sp_initiated",
  dryRun: true,
});
// result.status → "ok"
    Step 03Ship

    Enable for the tenant. Roll back in one line if needed.

    await authaz.sso.saml.enableTenant({
  tenantId: "org_123",
  rolloutStrategy: "immediate",
});

    What's included

    Both SAML flows

    IdP-initiated and SP-initiated from the same configuration. No parallel auth stacks.

    Tenant-scoped config

    Each customer org gets its own metadata, callbacks, and assertion rules. Zero cross-tenant risk.

    Rollout controls

    Enable per-tenant, dry-run before go-live, and roll back instantly. Ship SSO without the sweating.

    Stop losing deals to SSO gaps.

    Enterprise SSO is included in every plan.

    Free up to 2,000 MAU.