
OIDC / SAML single sign-on

Corporate accounts signing in via your IdP.

Per-tenant OIDC provider registration. Azure AD, Okta, Google Workspace, Zitadel, Keycloak — any RFC-compliant issuer. End-users land on "Sign in with <provider>" from their tenant login page.

  • Issuer discovery (.well-known/openid-configuration)
  • JWKS signature validation + iss/aud/exp/nonce checks
  • Auto-provision new staff (configurable)
  • Graceful fallback to password + 2FA if SSO is down

How it works

/api/auth/oidc/login → 302 to issuer with state + nonce. Callback fetches tokens, verifies id_token via JWKS, matches or creates a local user, mints our JWT.
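The iss/aud/exp/nonce checks from the callback step, sketched as an added example (not this product's code). It assumes the id_token signature was already verified against the tenant's JWKS; the tenant record, field names and leeway value are hypothetical.

```python
import hmac
import time

LEEWAY = 60  # seconds of clock skew tolerated (assumed value)

# Constructed sample: the issuer and client_id registered for one tenant.
TENANT_A = {"issuer": "https://idp.example.test/tenant-a", "client_id": "app-client-a"}


def check_id_token_claims(claims, tenant, expected_nonce, now=None):
    """Return the names of failed checks; an empty list means the claims pass.

    `claims` is the id_token payload AFTER signature verification.
    `expected_nonce` is the value stored in the session when /login redirected.
    """
    now = time.time() if now is None else now
    failures = []

    # iss: exact match against the issuer registered for THIS tenant, so a
    # validly signed token from another tenant's IdP is rejected here.
    if claims.get("iss") != tenant["issuer"]:
        failures.append("iss")

    # aud: may be a string or a list; our client_id must be in it.
    aud = claims.get("aud")
    audiences = [aud] if isinstance(aud, str) else aud if isinstance(aud, list) else []
    if tenant["client_id"] not in audiences:
        failures.append("aud")
    # With several audiences, azp must name us as the authorized party.
    elif len(audiences) > 1 and claims.get("azp") != tenant["client_id"]:
        failures.append("azp")

    # exp: must be numeric and not past (allowing for clock skew).
    exp = claims.get("exp")
    if isinstance(exp, bool) or not isinstance(exp, (int, float)) or now >= exp + LEEWAY:
        failures.append("exp")

    # nonce: must equal the session value; a missing session nonce also fails.
    nonce = claims.get("nonce")
    if (not isinstance(nonce, str) or not expected_nonce
            or not hmac.compare_digest(nonce.encode(), expected_nonce.encode())):
        failures.append("nonce")

    return failures
```

Returning every failed check rather than stopping at the first makes rejected logins easier to triage in the auth log.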

Register your IdP at /dashboard/oidc.
