Configuring SSO for SAML and OIDC

Single sign-on (SSO) allows users to sign in using credentials they already have. This eliminates the need to create a new username and password for your application.

Two popular SSO protocols are SAML and OpenID Connect. They manage and authenticate individual users across multiple applications.

This guide is the starting point for adding SSO to your Frontegg application so that users can sign in using their identity provider (IdP) credentials via SAML 2.0 or OpenID Connect.

The following are required to get SSO up and running for your customers and their organizational users.

Enable SSO in the Frontegg Portal. The SSO options include SAML and OpenID Connect.

Go to Home ➜ Builder ➜ Login Box.

In the left panel, toggle the switch to on for each SSO standard you want to enable.

Additional resources

APIs related to SSO

Create SSO configuration (manual)

Create SSO configuration automatic (XML)

Get SSO configurations

Create SSO domain and link to a configuration

Validate SSO domain (when using TXT records)

Force validate an SSO domain (No TXT records needed)

Add SSO default groups

Create SSO roles to groups mapping