Skip to main content

Identity Provider Configuration

Pomerium provides authentication through your existing identity provider (IdP) and supports all major single sign-on (SSO) providers.

Pomerium uses the OAuth 2.0 and OIDC protocols to integrate with your IdP so you can configure any IdP solution that supports these protocols.

The steps to integrate your IdP with Pomerium vary depending on your provider, but all IdPs generally require the following settings:

The Redirect URI should include your Authenticate Service URL with /oauth2/callback in the URL path.

For example, https://{authenticate_service_url}.com/oauth2/callback.

See the guides in this section for specific steps to integrate your IdP with Pomerium.

Hosted identity provider

Pomerium’s Hosted Authenticate Service provides a Hosted Authenticate Service URL and a Hosted Identity Provider.

If you use the hosted services, you don’t need to include IdP settings or an authenticate service URL in your configuration.

See Configure hosted services for more information.