Skip to main content

providers/osso

Built-in Osso integration.

default()

default(config): OAuthConfig<Record<string, any>>

Add Osso login to your page.

Setup

Callback URL

https://example.com/api/auth/callback/osso

Configuration

import Auth from "@auth/core"
import Osso from "@auth/core/providers/osso"

const request = new Request(origin)
const response = await Auth(request, {
providers: [Osso({ clientId: OSSO_CLIENT_ID, clientSecret: OSSO_CLIENT_SECRET, issuer: OSSO_ISSUER })],
})

Resources

Osso is an open source service that handles SAML authentication against Identity Providers, normalizes profiles, and makes those profiles available to you in an OAuth 2.0 code grant flow.

You can configure your OAuth Clients on your Osso Admin UI, i.e. https://demo.ossoapp.com/admin/config - you'll need to get a Client ID and Secret and allow-list your redirect URIs. SAML SSO differs a bit from OAuth - for every tenant who wants to sign in to your application using SAML, you and your customer need to perform a multi-step configuration in Osso's Admin UI and the admin dashboard of the tenant's Identity Provider. Osso provides documentation for providers like Okta and OneLogin, cloud-based IDPs who also offer a developer account that's useful for testing. Osso also provides a Mock IDP that you can use for testing without needing to sign up for an Identity Provider service.

See Osso's complete configuration and testing documentation at https://ossoapp.com/docs/configure/overview

Notes

By default, Auth.js assumes that the Osso provider is based on the OAuth 2 specification.

note

issuer should be the fully qualified domain – e.g. demo.ossoapp.com

tip

The Osso provider comes with a default configuration. To override the defaults for your use case, check out customizing a built-in OAuth provider.

Disclaimer

If you think you found a bug in the default configuration, you can open an issue.

Auth.js strictly adheres to the specification and it cannot take responsibility for any deviation from the spec by the provider. You can open an issue, but if the problem is non-compliance with the spec, we might not pursue a resolution. You can ask for more help in Discussions.

Parameters

config: OAuthUserConfig<Record<string, any>>

Returns

OAuthConfig<Record<string, any>>