One login to rule them all. SSO that doesn't suck - setup measured in minutes, not months.
Remember when SSO meant six months of meetings? Those days are dead.
Three vendors, consulting firms, and endless XML debugging
XML parsing adventures and "assertion invalid" mysteries
Couldn't deliver SSO fast enough for enterprise customers
Each enterprise has different IdP requirements
Three lines of code, not three months of meetings
Built for modern standards, backwards compatible
Turn "Do you support SSO?" into your favorite question
Okta, Azure AD, Google, custom - we handle them all
Built for enterprise requirements with developer-friendly implementation
Full OpenID Connect provider capabilities with discovery endpoints and JWKS rotation.
Because some enterprises party like it's 2009. We support them too.
Customizable login pages that match your customer's brand perfectly.
Users created automatically on first login with proper role mapping.
Automated user lifecycle management with directory sync capabilities.
Different SSO configurations for each tenant, all running simultaneously.
Get SSO working with these simple examples
// Configure SSO for a tenant
const ssoConfig = {{
provider: 'okta', // or 'azure-ad', 'google-workspace'
domain: 'your-company.okta.com',
clientId: 'your-client-id',
clientSecret: 'your-client-secret',
tenant: 'acme-corp'
}};
const result = await blocks.auth.configureSSO(ssoConfig);
if (result.success) {{
console.log('SSO configured successfully!');
console.log('Login URL:', result.loginUrl);
console.log('Metadata URL:', result.metadataUrl);
}}
// That's it. Time for that beer now.// Different SSO per tenant
const tenantConfigs = [
{{
tenant: 'acme-corp',
provider: 'okta',
domain: 'acme.okta.com'
}},
{{
tenant: 'tech-co',
provider: 'azure-ad',
domain: 'techco.onmicrosoft.com'
}},
{{
tenant: 'startup-inc',
provider: 'google-workspace',
domain: 'startup.com'
}}
];
// Configure all tenants
for (const config of tenantConfigs) {{
await blocks.auth.configureSSO(config);
}}
// All running simultaneously. All isolated. All secure.// SAML setup (unfortunately, yes)
const samlConfig = {{
tenant: 'enterprise-corp',
provider: 'saml',
entityId: 'https://enterprise.com/saml',
ssoUrl: 'https://enterprise.com/sso',
certificate: process.env.SAML_CERT,
attributes: {{
email: 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress',
name: 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name',
groups: 'http://schemas.microsoft.com/ws/2008/06/identity/claims/groups'
}}
}};
await blocks.auth.configureSSO(samlConfig);
// We handle the XML nightmares so you don't have to// React component for SSO login
import {{ useSSO }} from '23blocks-react';
function LoginPage() {{
const {{ initiateSSO, isLoading, error }} = useSSO();
const handleSSOLogin = async (tenant) => {{
try {{
// Redirects to IdP automatically
await initiateSSO({{ tenant }});
}} catch (err) {{
console.error('SSO login failed:', err);
}}
}};
return (
<div>
<button onClick={{() => handleSSOLogin('acme-corp')}}>
Sign in with Acme Corp
</button>
<button onClick={{() => handleSSOLogin('tech-co')}}>
Sign in with TechCo
</button>
</div>
);
}}Real companies that turned SSO requirements into competitive advantages
Enterprise Software Provider
"We lost three enterprise deals because we couldn't deliver SSO fast enough. With 23blocks, we onboarded a Fortune 100 client with complex Azure AD requirements in 4 days. That deal alone paid for 23blocks for the next decade."
EdTech Platform
"Universities have the most complex SSO requirements imaginable. Shibboleth, SAML, custom attributes - you name it. 23blocks handled our 200+ university integrations without a single hiccup."
SSO that turns enterprise requirements into competitive advantages
"Yes, we support SSO" becomes your favorite phrase. Enterprise deals close faster.
No more SAML debugging nightmares. No more "assertion invalid" mysteries. Just working SSO.
One corporate password to remember. Seamless access. IT-approved security they trust.
Stop losing deals because SSO is "on the roadmap." Start closing them because your SSO is better.
Get product updates, engineering posts, and new block announcements delivered to your inbox.