providers/osso
default()β
default(
config
):OAuthConfig
<Record
<string
,any
> >
Add Osso login to your page.
Setupβ
Callback URLβ
https://example.com/api/auth/callback/osso
Configurationβ
import Auth from "@auth/core"
import Osso from "@auth/core/providers/osso"
const request = new Request(origin)
const response = await Auth(request, {
providers: [
Osso({
clientId: OSSO_CLIENT_ID,
clientSecret: OSSO_CLIENT_SECRET,
issuer: OSSO_ISSUER
})
]
})
Resourcesβ
Osso is an open source service that handles SAML authentication against Identity Providers, normalizes profiles, and makes those profiles available to you in an OAuth 2.0 code grant flow.
- If you don't yet have an Osso instance, you can use Osso's Demo App for your testing purposes. For documentation on deploying an Osso instance, see https://ossoapp.com/docs/deploy/overview/
- Osso OAuth documentation
You can configure your OAuth Clients on your Osso Admin UI, i.e. https://demo.ossoapp.com/admin/config - you'll need to get a Client ID and Secret and allow-list your redirect URIs. SAML SSO differs a bit from OAuth - for every tenant who wants to sign in to your application using SAML, you and your customer need to perform a multi-step configuration in Osso's Admin UI and the admin dashboard of the tenant's Identity Provider. Osso provides documentation for providers like Okta and OneLogin, cloud-based IDPs who also offer a developer account that's useful for testing. Osso also provides a Mock IDP that you can use for testing without needing to sign up for an Identity Provider service.
See Osso's complete configuration and testing documentation at https://ossoapp.com/docs/configure/overview
Notesβ
By default, Auth.js assumes that the Osso provider is based on the OAuth 2 specification.
issuer
should be the fully qualified domain βΒ e.g. demo.ossoapp.com
The Osso provider comes with a default configuration. To override the defaults for your use case, check out customizing a built-in OAuth provider.
If you think you found a bug in the default configuration, you can open an issue.
Auth.js strictly adheres to the specification and it cannot take responsibility for any deviation from the spec by the provider. You can open an issue, but if the problem is non-compliance with the spec, we might not pursue a resolution. You can ask for more help in Discussions.
Parametersβ
Parameter | Type |
---|---|
config | OAuthUserConfig < Record < string , any > > |
Returnsβ
OAuthConfig
< Record
< string
, any
> >