buzzfeed/sso — sso, aka S.S.Octopus, aka octoboi, is a single sign-on

sso

See our launch blog post for more information!

Please take the SSO Community Survey to let us know how we're doing, and to help us plan our roadmap!

sso — lovingly known as the S.S. Octopus or octoboi — is the authentication and authorization system BuzzFeed developed to provide a secure, single sign-on experience for access to the many internal web apps used by our employees.

It depends on Google as its authoritative OAuth2 provider, and authenticates users against a specific email domain. Further authorization based on Google Group membership can be required on a per-upstream basis.

The main idea behind sso is a "double OAuth2" flow, where sso-auth is the OAuth2 provider for sso-proxy and Google is the OAuth2 provider for sso-auth.

sso is built on top of Bitly’s open source oauth2_proxy

sso

Quick Overview

Scores

Trust Score

Maintenance

Popularity

Star History

Snapshot Versions

Alternatives

supabase

tailscale

next-auth

better-auth

authelia

devise

Community Reviews

README

sso