Hey HN! We're Sam, Sam, and Michael, the founders of Osso (<a href="https://ossoapp.com/" rel="nofollow">https://ossoapp.com/</a>)<p>Osso is open-source software for integrating SAML SSO with any web application. It provides an Admin UI to onboard your customers, generates custom documentation to configure your app in a customer's Identity Provider (IDP), handles SAML authentication against IDPs and provides your app normalized JSON profiles as part of an OAuth 2.0 code grant authorization flow.<p>We started working on Osso together as a way to keep in touch and distract ourselves from, well, *gestures broadly at everything*. We chose to work on something that each of us came up against during our careers: supporting SAML SSO. Between the three of us, we've built internal tools where SAML was required by IT and struggled to sell SaaS products that didn't offer SAML SSO to enterprises who required it. We've also been <i>users</i> of various IDPs, limiting us from accessing the apps we wanted at work when they only included SAML SSO on the way-too-expensive Enterprise plan.<p>Every successful SaaS company builds SAML SSO eventually but it's never a top priority and nobody takes time to <i>really</i> understand it. If your customers want SAML, it's a great problem to have but chances are there are thousands of other things on your list. Most teams end up kicking it down the road, which can lead to lost sales opportunities. Companies end up piecing something together that kind of works but creates technical debt or support burden, or they spend thousands of dollars on Auth0 or AWS Cognito, but still lack customer docs or a streamlined flow for SAML onboarding.<p>So we're trying to simplify things for SaaS companies to make SAML SSO a more accessible option. We took existing open-source software and added the last 10% to make integrating a scalable, sellable, and serviceable SAML SSO solution as easy as possible. All the code is available on Github for you to run on your own, but we also offer a SaaS solution where we'll manage an Osso instance for you.<p>Osso:<p>• Treats SAML like OAuth - connect your app to an Osso instance via OAuth, and Osso will handle the SAML authentication and return normalized JSON profiles<p>• Enables first class support for Azure Active Directory, Okta, OneLogin, Ping, Google, and Salesforce, yet works with any IDP that supports SAML 2.0<p>• Features an Admin UI for customer support / success teams to onboard and support customers<p>• Provides a convenient interface for technical teams to create and roll OAuth clients and their secrets<p>• Generates custom PDFs for step-by-step onboarding for each of your customers<p>If you're interested in learning more, start here:<p>— Our docs [<a href="https://ossoapp.com/docs/quick-start" rel="nofollow">https://ossoapp.com/docs/quick-start</a>]<p>— Github repos [<a href="https://github.com/enterprise-oss" rel="nofollow">https://github.com/enterprise-oss</a>]<p>— Quick video walk-through of Osso [<a href="https://youtu.be/Jps3eeZGOr0" rel="nofollow">https://youtu.be/Jps3eeZGOr0</a>]<p>— Demo instance [<a href="https://demo.ossoapp.com" rel="nofollow">https://demo.ossoapp.com</a>]<p>The back end is a few modular Ruby/Rack apps including a GraphQL API and an OAuth 2.0 server, while the front end is a React app written in Typescript. We use a modular and package driven approach, allowing you to customize your Osso instance with theming or middleware, or pick and choose parts of the stack to use, while getting critical updates through our Ruby gems and npm packages. We offer client libraries for Ruby (omniauth-osso) and NodeJS (passport-osso), and are working on React components you can use to interact with your Osso instance, like a login component and a widget to allow your customers to configure SAML themselves.<p>We really appreciate the HN community and the discussion that takes place here, so we hope you'll provide honest feedback on Osso. What's missing? What should we do differently? Anything you'd take away? We look forward to reading and responding to your comments, but if you want to speak with us directly you can also email us at hello@ossoapp.com.<p>Thank you!
Sam, Sam, and Michael