Enterprise SSO and identity federation is challenging. With Ory Polis, you avoid headaches and connect identity providers and directories within days rather than months.
Ory Polis eliminates the need for technical expertise by providing a developer-friendly solution that lets companies meet enterprise requirements without diverting resources from core product development.
Integrate SAML using your favorite OAuth 2.0 or OpenID Connect libraries. Go from the first line of code to deployment in days, not months. No SAML expertise required, just a simple API that works with your existing authentication flow.
Provide enterprise IT teams with secure configuration portals to establish their identity connections without extensive technical coordination. Reduce implementation friction and accelerate time-to-value for both you and your customers.
Simplify user management with SCIM-based provisioning that synchronizes accounts and groups automatically. Connect to corporate directories through a unified integration that eliminates manual user administration.
Ahmed Elkaffas
Founder
Seamless Enterprise SSO integration with the customer's existing infrastructure, and minimal effort from the customer side, was very important for us.
OSS is where most teams start. The question is whether it holds up as scale, compliance, and security requirements grow. Running identity infrastructure yourself means owning everything, from patches to incident response, compliance controls, and performance tuning. At enterprise scale, that overhead competes with product innovation. Ory's commercial offerings, OEL and Ory Network, trade that burden for SLA-backed support, managed CVE patching, and audit-ready controls.
OSS
OEL
Ory Network
Deploy on any infrastructure and take full control over your organizational and enterprise customer SSO.
In a strategic move set to modernize the identity and access management landscape, Ory has acquired BoxyHQ and launched Ory Polis. Ory Polis addresses organizational identity needs across environments reliant on SAML and SCIM protocols. Previously known as BoxyHQ's Jackson, brings enterprise-ready single sign-on (SSO), directory synchronization, and self-service onboarding to organizations requiring robust B2B and B2B2C identity infrastructure.
Group users within your project, manage SSO connections, and enforce domain-based authentication that integrates with existing identity providers.
Establish multiple OpenID Connect (OIDC-based) single sign-on connections for each organization, configurable through the Ory Console and API interfaces.
Connect with SAML-based identity providers such as Microsoft Entra ID, Microsoft ADFS, Okta, Auth0, Google Workspace, Ping Identity, and more.
Our bridge enables cross-protocol Identity Federation, enabling your app to use modern OIDC internally while still accepting SAML connections from enterprise customers.
Route users to their SSO provider based on email domain, eliminating manual selection steps for seamless authentication across B2B and B2B2C apps.
Deploy anywhere to meet regional data sovereignty and compliance requirements. Ory offers complete deployment flexibility whether self-hosted, private cloud, or on-premises
Get started with the guides and docs below
...
const signIn = async () => {
// store the from url before redirecting ... we need this to correctly initialize the oauthClient after getting redirected back from SSO Provider.
localStorage.setItem(APP_FROM_URL, from);
// Initiate the login flow
await authClient?.fetchAuthorizationCode({
tenant,
product,
});
};
const signOut = async (callback: VoidFunction) => {
authClient?.reset();
setUser(null);
callback();
};