Initializing search

Asgardeo

Home
Home
Get started
Get started
- Create Account
- Connect App
  Connect App
  - React
    React
    
    Quickstart
    
    Complete Guide 2 mins
  - Angular
    Angular
    
    Quickstart
    
    Complete Guide 2 mins
  - Javascript
    Javascript
    
    Quickstart
    
    Complete Guide 2 mins
  - Next.js
    Next.js
    
    Quickstart
    
    Complete Guide (Redirect) 2 mins
    
    Complete Guide (App-Native) 2 mins
    
    Complete Guide (B2B) 2 mins
  - Express.js
    Express.js
    
    Complete Guide 2 mins
  - .NET
    .NET
    
    Complete Guide 2 mins
  - Spring Boot
    Spring Boot
    
    Quickstart
- Try for a sample app
  Try for a sample app
  - Single Page apps
    Single Page apps
    
    React
    
    JavaScript
  - Web apps
    Web apps
    
    OIDC Java EE
    
    SAML Java EE
    
    WS-Federation
- Secure MCP Servers
  Secure MCP Servers
- Secure Your AI Agents
  Secure Your AI Agents
  - Python
  - TypeScript

Guides
Guides
- Applications
  Applications
- Authentication
  Authentication
  - Add login to apps
    Add login to apps
    
    Add login to an SPA
    
    Add login to a web app
    
    Add login to a mobile app
  - Add login to SaaS apps
    
    Add login to SaaS apps
    
    Google Workspace
    
    Salesforce
    
    Microsoft 365
    
    Zoom
    
    Slack
  - Add passwordless login
    
    Add passwordless login
    
    Add login with Magic link
    
    Add login with Passkey
    
    Add login with HYPR
    
    Add login with Email OTP
    
    Add login with SMS OTP
    
    Add login with Push Notification
  - Enable user attributes
    
    Enable user attributes
    
    Enable attributes for OIDC apps
    
    Enable attributes for SAML apps
  - Manage consent for user attributes
  - Add federated login
    
    Add federated login
    
    Add social login
    
    Add social login
    
    Add Facebook login
    
    Add GitHub login
    
    Add Google login
    
    Add Microsoft login
    
    Add Apple login
    
    Add LinkedIn login
    
    Add decentralized login
    
    Add decentralized login
    
    Sign-in with Ethereum
    
    Add eID login
    Add eID login
    
    Add Signicat login
    
    Add FranceConnect login
    
    Add SwissID login
    
    Add standard-based login
    
    Add standard-based login
    
    Add login with OIDC IdP
    
    Add login with SAML IdP
  - Add identifier first login
  - Add multi-factor authentication
    
    Add multi-factor authentication
    
    Add TOTP
    
    Add Email OTP
    
    Add SMS OTP
    
    Add Push Notification
    
    Add Passkey
    
    Add iProov
    
    Add Duo
    
    Add user-preferred MFA
  - Add conditional authentication
    
    Add conditional authentication
    
    Set up conditional authentication
    
    Add access control
    Add access control
    
    Add access control
    
    User Age-based access
    
    Group-based access
    
    Concurrent session-based access
    
    Add adaptive MFA
    Add adaptive MFA
    
    Add adaptive MFA
    
    MFA based on user group
    
    MFA based on sign-in option
    
    MFA based on user device
    
    MFA based on IP address
    
    MFA based on advanced conditions (using WSO2 Choreo)
    
    Add passkey progressive enrollment
    
    Add push notification device progressive enrollment
    
    Add on-demand silent password migration
    
    Write a custom authentication script
  - App-native authentication
    
    App-native authentication
    
    Add app-native authentication
    
    Secure app-native authentication flows
    
    Handle advanced login scenarios
  - Login Flow AI
  - Configure OIDC flows
    
    Configure OIDC flows
    
    Discover OIDC endpoints
    
    Dynamic Client Registration (DCR)
    
    Login flows
    Login flows
    
    Authorization code flow
    
    Authorization code flow and PKCE
    
    Hybrid flow
    
    Pushed Authorization Requests (PAR)
    
    JWT Secured Authorization Response Mode (JARM) for OAuth 2.0
    
    Grant types
    Grant types
    
    JWT Bearer Grant
    
    Client authentication methods
    Client authentication methods
    
    Private key JWT
    
    Tokens and validation
    Tokens and validation
    
    Validate tokens at a resource server
    
    Validate JWT with JWKS
    
    Validate ID tokens
    
    Encrypt ID tokens
    Encrypt ID tokens
    
    Encrypt and decrypt ID tokens
    
    ID token encryption reference
    
    Request user information
    
    Revoke tokens
    
    Configure token exchange
    
    Logout
    Logout
    
    Front-channel logout
    
    Back-channel logout
  - Configure SAML flows
    
    Configure SAML flows
    
    Discover SAML endpoints and settings
    
    Implement SAML federated IdP-initiated SSO
    
    SAML back-channel logout
  - Configure Just-in-Time user provisioning
- Authorization
  Authorization
  - API authorization
    API authorization
    
    Role-based access control
  - User impersonation
    
    User impersonation
    
    via Console
    
    via business application (advanced)
- Identity Verification
  Identity Verification
  - Configure an Identity Verification Provider
  - Identity Verification with Onfido
- User management
  User management
  - Manage administrators
  - Users
    Users
    
    Onboard users
    
    Manage users
  - Manage groups
  - Manage roles
  - Manage active sessions
  - Migrate users to Asgardeo
    
    Migrate users to Asgardeo
    
    Migrate user accounts
    
    Migrate user passwords
  - Manage attributes and mappings
    
    Manage attributes and mappings
    
    User attributes
    User attributes
    
    Manage attributes
    
    Configure attributes
    
    Configurations reference
    
    OIDC attribute mappings
    
    OIDC scopes
    
    SCIM2 attribute mappings
    
    Configure unique attributes
    
    Configure multi-valued contact attributes
    
    Verification and notification settings for attribute updates
    Verification and notification settings for attribute updates
    
    Configure settings
    
    Try it out
    Try it out
    
    Email address update verification
    
    Mobile number update verification
  - Manage user stores
    
    Manage user stores
    
    Connect a remote user store
    
    Configure high availability
    
    Manage remote user stores
    
    Deployment best practices
    
    Advanced configuration for the agent
- Workflows
  Workflows
  - Approval workflows
  - Workflow requests
- Account configurations
  Account configurations
  - Login security
    Login security
    
    Login attempts
    
    Password validation
    
    Bot detection
    
    Fraud detection
    
    Session management
  - Account recovery
    Account recovery
    
    Password recovery
    
    Admin Initiated Password Reset
  - User onboarding
    User onboarding
    
    Self-registration
    
    Self-registration flow
    
    Invite user to set password
  - Manage login identifiers
    Manage login identifiers
    
    Configure username validation
    
    Configure alternative login identifiers
  - Account disabling
- Flows
  Flows
- User self-service
  User self-service
  - Self-service portal
    Self-service portal
    
    Configure the self-service portal
    
    Update profile information
    
    Change password
    
    Manage linked social accounts
    
    Export profile information
    
    Manage consents
    
    Manage login sessions
    
    Self-register
    
    Register passkeys
    
    Register Push Notification Device
    
    Password recovery
    
    Enroll TOTP
    
    Manage backup codes
    
    Discover applications
    
    Manage approvals
  - Build self-service capabilities
- Organizations
  Organizations
  - Set up organizations
  - Administration of organizations
  - Application Management
    Application Management
    
    Share applications
    
    Organization applications
  - Manage conflicts in organizations
  - Onboard admins
    
    Onboard admins
    
    Sales-led approach
    
    Self-service approach
  - Onboard users
  - Share user profiles with organizations
  - Try a B2B use case
  - API authorization for organizations
  - Inheritance in organizations
    
    Inheritance in organizations
    
    Login & registration settings
    
    UI branding
    
    Email and SMS templates
    
    User attributes
    
    OIDC scopes
    
    Flows
  - Organization discovery
    
    Organization discovery
    
    Email domain based organization discovery
  - Customizations
    Customizations
    
    Extend with service extensions
- Notification Channels
  Notification Channels
- Customizations
  Customizations
  - Customize branding
    
    Customize branding
    
    Configure UI branding
    
    Customize layouts
    
    Branding AI
    
    Configure custom domains
    
    Customize email templates
    
    Customize SMS templates
    
    Localization in Asgardeo
  - Extend with service extensions
    Extend with service extensions
    
    Understanding service extensions
    
    In-flow extensions
    In-flow extensions
    
    Custom authentication
    
    Pre-flow extensions (Actions)
    Pre-flow extensions (Actions)
    
    Setting up an action
    
    Pre issue access token action
    
    Pre issue ID token action
    
    Pre update password action
    
    Pre update profile action
  - Integrate with webhooks
    Integrate with webhooks
    
    Understanding webhooks
    
    Setup webhooks
    
    Webhook events and payloads
- Your Asgardeo
  Your Asgardeo
  - Manage root organizations
  - Manage environments
    
    Manage environments
    
    Promote configurations across environments
  - Self-service
  - Recover your password
  - Delete your user account
  - Subscribe to Asgardeo
    
    Subscribe to Asgardeo
    
    via Billing Portal
    
    via Azure Marketplace
- Asgardeo logs
  Asgardeo logs
- Monitoring
  Monitoring
- Agentic AI
  Agentic AI
  - MCP Authorization
    
    MCP Authorization
    
    Securing MCP Servers
    
    Setting up MCP Clients
  - Identity for AI Agents
    
    Identity for AI Agents
    
    Register and manage agents
    
    Agent credentials
    
    Access control for agents
    
    Agent authentication
Tutorials
Tutorials
SDKs
SDKs
SDK Documentation
SDK Documentation
- React SDK
  React SDK
  - Overview
  - APIs
    APIs
    
    Contexts
    Contexts
    
    <AsgardeoProvider />
    
    Components
    Components
    
    Action Components
    Action Components
    
    <SignInButton />
    
    <SignOutButton />
    
    <SignUpButton />
    
    Control Components
    Control Components
    
    <SignedIn />
    
    <SignedOut />
    
    <Loading />
    
    User Self-care Components
    User Self-care Components
    
    <UserDropdown />
    
    <UserProfile />
    
    <User />
    
    Organization Components (B2B)
    Organization Components (B2B)
    
    <CreateOrganization />
    
    <OrganizationProfile />
    
    <OrganizationSwitcher />
    
    <OrganizationList />
    
    <Organization />
    
    <OrganizationContext />
    
    hooks
    hooks
    
    useAsgardeo()
  - Guides
    Guides
    
    Accessing Protected APIs
    
    Protecting Routes
- Next.js SDK
  Next.js SDK
  - Overview
  - APIs
    APIs
    
    Contexts
    Contexts
    
    <AsgardeoProvider />
    
    Middleware
    Middleware
    
    asgardeoMiddleware()
    
    Components
    Components
    
    Action Components
    Action Components
    
    <SignInButton />
    
    <SignOutButton />
    
    <SignUpButton />
    
    Control Components
    Control Components
    
    <SignedIn />
    
    <SignedOut />
    
    <Loading />
    
    Authentication Components
    Authentication Components
    
    <SignIn />
    
    <SignUp />
    
    User Self-care Components
    User Self-care Components
    
    <UserDropdown />
    
    <UserProfile />
    
    <User />
    
    Organization Components (B2B)
    Organization Components (B2B)
    
    <CreateOrganization />
    
    <OrganizationProfile />
    
    <OrganizationSwitcher />
    
    <OrganizationList />
    
    <Organization />
    
    hooks
    hooks
    
    useAsgardeo()
  - Guides
    Guides
    
    Accessing Protected APIs
    
    Protecting Routes
Asgardeo MCP Server
APIs
APIs
- Management APIs
  Management APIs
- Organization APIs
  Organization APIs
  - Get access for organization APIs
  - Action Management API
  - API resource management API
  - Application management API
    Application management API
    
    Application management API (Shared Applications)
    
    Application management API
  - Authenticators API
  - Branding API
  - Claim management API
  - Identity provider management API
  - Identity recovery API
  - Idle account identification API
  - Invite parent organization's users API
  - Notification sender API
  - Offline user onboard management API
  - Offline user onboard management API
  - Organization management API
  - Role management API
  - Rule Metadata API
  - User credential management API
  - User management
    
    User management
    
    SCIM 2.0 Users API
    
    SCIM 2.0 Groups API
    
    SCIM 2.0 Bulk API
    
    User Account Association API
    
    Verification Code Management API
  - User sharing management API
  - User store management API
- End User APIs
  End User APIs
References
References
- Operational policies
- Asgardeo outbound IP addresses
- Asgardeo user roles
- SCIM2 Custom User Schema Support
- App configurations
  App configurations
  - OIDC configurations
  - SAML configurations
- IdP configurations
  IdP configurations
  - OIDC configurations
  - SAML configurations
- Conditional authentication
  Conditional authentication
  - Conditional auth - API
- Remote agent properties
- Authorization policies for apps
- Email templates
- SMS templates
- Service extensions
  Service extensions
  - In-flow extensions
    In-flow extensions
    
    Custom authentication
    Custom authentication
    
    API contract to implement
  - Pre-flow extensions (Actions)
    Pre-flow extensions (Actions)
    
    Pre issue access token action
    Pre issue access token action
    
    Version 1.x
    Version 1.x
    
    API v1.0 contract to implement
    
    API v1.1 contract to implement
    
    Sample success reponses
    
    Pre issue ID token action
    Pre issue ID token action
    
    Version 1.x
    Version 1.x
    
    API v1.0 contract to implement
    
    Sample success responses
    
    Pre update password action
    Pre update password action
    
    Version 1.x
    Version 1.x
    
    API v1.0 contract to implement
    
    API v1.1 contract to implement
    
    Version 2.x
    Version 2.x
    
    API v2.0 contract to implement
    
    Pre update profile action
    Pre update profile action
    
    Version 1.x
    Version 1.x
    
    API v1.0 contract to implement
- Accessibility compliance
- Data residency in Asgardeo
- API resources and scopes required for MCP tools
- Production checklist
  Production checklist
- Asgardeo rate limits
- Tutorials
  Tutorials
  - Build your own push authenticator app
- IAM concepts
  IAM concepts
Technology Guides
Technology Guides

Best Practice Guides
Best Practice Guides
- Frontend Security
  Frontend Security
  Frontend Security

Enable user attributes

Share user attributes in the user profile with

OpenID Connect apps

SAML apps

Back to top

Join our Discord

Connect with our community on our official Discord server. Share ideas, get help, and be a part of the awesome conversations!