Enterprise SSO and identity federation is challenging. With Ory Polis, you avoid headaches and connect identity providers and directories within days rather than months.
Enterprise readiness for B2B SaaS apps
Ory Polis eliminates the need for technical expertise by providing a developer-friendly solution that lets companies meet enterprise requirements without diverting resources from core product development.
Organizational single sign-on
Integrate SAML using your favorite OAuth 2.0 or OpenID Connect libraries. Go from the first line of code to deployment in days, not months. No SAML expertise required, just a simple API that works with your existing authentication flow.
Self-serve onboarding
Provide enterprise IT teams with secure configuration portals to establish their identity connections without extensive technical coordination. Reduce implementation friction and accelerate time-to-value for both you and your customers.
Directory Sync
Simplify user management with SCIM-based provisioning that synchronizes accounts and groups automatically. Connect to corporate directories through a unified integration that eliminates manual user administration.
Ahmed Elkaffas
Founder
Seamless Enterprise SSO integration with the customer's existing infrastructure, and minimal effort from the customer side, was very important for us.
Ory Polis features at a glance
Organizations
Group users within your project, manage SSO connections, and enforce domain-based authentication that integrates with existing identity providers.
OIDC single sign-on
Establish multiple OpenID Connect (OIDC-based) single sign-on connections for each organization, configurable through the Ory Console and API interfaces.
SAML support
Connect with SAML-based identity providers such as Microsoft Entra ID, Microsoft ADFS, Okta, Auth0, Google Workspace, Ping Identity, and more.
SAML to OIDC bridge
Our bridge enables cross-protocol Identity Federation, enabling your app to use modern OIDC internally while still accepting SAML connections from enterprise customers.
Identity Provider discovery
Route users to their SSO provider based on email domain, eliminating manual selection steps for seamless authentication across B2B and B2B2C apps.
Flexible deployment
Deploy anywhere to meet regional data sovereignty and compliance requirements. Ory offers complete deployment flexibility whether self-hosted, private cloud, or on-premises
How to de-risk identity at scale with Ory
OSS is where most teams start. The question is whether it holds up as scale, compliance, and security requirements grow. Running identity infrastructure yourself means owning everything, from patches to incident response, compliance controls, and performance tuning. At enterprise scale, that overhead competes with product innovation. Ory's commercial offerings, OEL and Ory Network, trade that burden for SLA-backed support, managed CVE patching, and audit-ready controls.
OSS
OEL
Ory Network
Compliance and audit-ready (GDPR, PSD2, PCI-DSS, SOC 2, and others)
Compliance and audit-ready (GDPR, PSD2, PCI-DSS, SOC 2, and others)
Compliance-ready
Compliance and audit-ready (GDPR, PSD2, PCI-DSS, SOC 2, and others)
Global multi-region architecture
Global multi-region architecture
Multi-region capable
Global multi-region architecture
Purpose-based data retention
Purpose-based data retention
Purpose-based data retention
24/7 SLA support
24/7 SLA support
24/7 SLA support
CVE security patching
CVE security patching
CVE security patching
Unified control plane for ease of management
CLI
Unified control plane for ease of management
CLI & GUI
Unified control plane for ease of management
CLI & GUI
Production Helm Charts
Production Helm Charts
Production Helm Charts
n/a
Managed infrastructure
Managed infrastructure
n/a
Managed infrastructure
Custom Branding for Onboarding Portal
Custom Branding for Onboarding Portal
Custom Branding for Onboarding Portal
SAML & OIDC
SAML & OIDC
SAML & OIDC
Directory sync
Directory sync
Directory sync
Identity federation
Identity federation
Identity federation
Ory Polis FAQ
Deploy Ory Polis on your preferred infrastructure
Deploy on any infrastructure and take full control over your organizational and enterprise customer SSO.
Open Source deployment — Run, try, and inspect Ory Polis open source. Perfect to proof-of-concept your next big idea. 
Ory Enterprise License
OEL deployment — Ory Polis on OEL means optimized code with premium support for mission-critical production environments, on-prem, self-hosted – wherever else you need it, always up to date. 
Ory Network
Ory Network deployment — Ory Network includes Ory Polis powered capabilities in an instant-on global identity system. Achieve speed, security, scale, compliance and support with ease.
Integrations
Ready to try Ory Polis?
Get started with the guides and docs below
AuthProvider.tsx
...
const signIn = async () => {
// store the from url before redirecting ... we need this to correctly initialize the oauthClient after getting redirected back from SSO Provider.
localStorage.setItem(APP_FROM_URL, from);
// Initiate the login flow
await authClient?.fetchAuthorizationCode({
tenant,
product,
});
};
const signOut = async (callback: VoidFunction) => {
authClient?.reset();
setUser(null);
callback();
};
More on Ory Polis
May 29, 2025
Ory Acquires BoxyHQ: Introducing Ory Polis for Enterprise Single-Sign On
In a strategic move set to modernize the identity and access management landscape, Ory has acquired BoxyHQ and launched Ory Polis. Ory Polis addresses organizational identity needs across environments reliant on SAML and SCIM protocols. Previously known as BoxyHQ's Jackson, brings enterprise-ready single sign-on (SSO), directory synchronization, and self-service onboarding to organizations requiring robust B2B and B2B2C identity infrastructure.
