Single sign-on
OIDC and SAML support out of the box. Connect any application with standard protocols.
OIDC + SAML
Full support for OpenID Connect and SAML 2.0 protocols. Modern token-based authentication for web and mobile apps, plus enterprise federation for legacy systems.
Pre-built integrations
Connect to popular SaaS applications in minutes with pre-configured templates for Slack, GitHub, AWS, Google Workspace, and dozens more.
Custom claim mapping
Map user attributes to claims in tokens. Transform groups to roles, add custom metadata, or compute claims dynamically based on business logic.
0
protocols supported
Unlimited
applications
<100ms
token issuance
noo id is a fully compliant OpenID Connect provider and supports SAML 2.0 for enterprise integrations. Whether you are building a modern SaaS app or connecting legacy enterprise software, noo id speaks the protocols your applications expect. Connect unlimited applications with token issuance under 100ms at the 95th percentile.
OIDC authentication flow
The Authorization Code flow is the recommended method for server-side applications. It keeps tokens secure by exchanging an authorization code on the back channel.
User clicks "Log in"
Your application redirects the user to the noo id authorization endpoint with the client ID, redirect URI, and requested scopes.
User authenticates
noo id presents the login page where the user enters credentials, uses a passkey, or completes MFA.
Authorization code issued
After successful authentication, noo id redirects the user back to your application with a short-lived authorization code.
Token exchange
Your application server exchanges the authorization code for an ID token, access token, and optional refresh token via a secure back-channel request.
Session established
Your application validates the ID token, creates a local session, and the user is logged in.
Protocol comparison
OIDC benefits
Modern, JSON-based protocol built on OAuth 2.0. Lightweight payloads, native support in most frameworks, and designed for web and mobile applications.
SAML benefits
Mature, XML-based standard trusted by enterprises. Rich assertion structures, built-in encryption, and required by many legacy corporate applications.
When to use OIDC
Choose OIDC for greenfield projects, single-page apps, mobile apps, and API-driven architectures where developer experience and performance matter most.
When to use SAML
Choose SAML when integrating with enterprise SaaS apps like Salesforce or Workday, establishing B2B federation, or meeting compliance mandates that require it.
Custom claim mapping
Enrich tokens with business context by mapping user attributes, group memberships, and custom metadata to claims. Compute roles dynamically or add tenant identifiers for multi-tenant applications.
{
"sub": "user123",
"name": "Alice Smith",
"email": "alice@acme.com",
"roles": ["admin", "user"],
"tenant_id": "tnt_acme"
}
Pre-built integrations
Slack
Enable SSO for your Slack workspace so team members authenticate through noo id automatically.
GitHub
Connect GitHub Enterprise with SAML-based SSO for secure access to repositories and organizations.
AWS
Federate AWS Console and CLI access using OIDC or SAML for centralized cloud identity management.
Salesforce
Integrate Salesforce with SAML SSO to give sales teams one-click access from the noo id portal.
Google Workspace
Route Google Workspace authentication through noo id for unified login across your organization.
Microsoft Teams
Connect Microsoft Teams and the broader Microsoft 365 suite via OIDC or SAML federation.
Frequently asked questions
What is the difference between OIDC and SAML? +
OIDC is a modern, JSON-based protocol built on OAuth 2.0, designed for web and mobile apps. SAML is an older, XML-based protocol common in enterprise environments. OIDC is easier to implement and more lightweight, while SAML is required for some legacy enterprise applications.
How many applications can I connect? +
Unlimited. You can register as many OIDC or SAML applications as needed. Each application gets its own client ID, secrets, and configuration.
Can I use custom domains for SSO? +
Yes. Enterprise customers can configure custom domains (e.g., login.yourcompany.com) for the login page and token endpoints. This provides a white-label experience and meets some compliance requirements.