Guides

Oyster Partner SSO Requirements

How to configure SSO with Oyster for Partner applications

Suggest Edits

For partners who would like to use Single Sign-On (SSO) for users to authenticate with Oyster, you can connect an Identity Provider (IdP) that supports OpenID Connect (OIDC) or Security Assertion Markup Language (SAML). This will allow users on your platform to log into Oyster's platform with one-click without having to re-authenticate, resulting in a seamless user experience.

OIDC and SAML

OIDC and SAML are standard protocols used by identity providers (IdP) to enable single sign on (SSO) with different services, providing a seamless experience for users that switch between apps and services.

Broadly speaking, both protocols follow a “similar” flow, but they differ in implementation details. Which you use, will depend on what your IDP supports.

OIDC

SAML


As a partner, what do I need to enable SSO with an Oyster integration?

Prerequisites

  1. Identity Provider (IdP): An IdP that supports OIDC or SAML (e.g., Auth0, Okta, Microsoft Entra ID, Google Workplace).

Data Needed

The information we require depends on the protocol that will be used.

For OpenID Connect (OIDC)

  • Client ID: Unique identifier for your application.
  • Client Secret: Secret key used to authenticate your application.
  • OpenID Connect discovery URL: Provide the well known OpenID Connect discovery endpoint
  • Scopes: Permissions requested (openid, profile, email).

For SAML

  • Sign In URL: URL to send authentication requests to the IdP.
  • x509 Signing Certificate: SAMLP server public key encoded in PEM or CER format
    • Obtain and configure signing certificates for secure communication between the SP and IdP.

Process

  1. Create a Customer Account here.
  2. Once you have logged in to your account, use the navigation bar and click Company > Integrations.
  3. Click Add integrations.
  4. Scroll down to the section Identity Providers and select OIDC or SAML depending on what your identity provider supports. Click Connect.
  5. Reach out your Oyster representative confirming you have successfully set up your connection.
  6. Oyster will enable a partner flag under your account. This will allow Customers who have enabled your Partner integration to login using the Partner SSO.

Outcome

Once the integration is built, and the SSO information has been configured, users should be able to seamlessly transition from your platform into Oyster.

Updated 28 days ago