Support for SAML SSO

We are planning to deploy Zerotier VPN, but the lack of SAML SSO support is a major deal breaker. We are using Jumpcloud for authentication/authorisation, which does not support OIDC. Is there any chance that SAML would be supported in the near future?

SAML is on the roadmap, however there’s no ETA at this time. As a stopgap, it’s possible to use Keycloak as a broker between OIDC and SAML. We’ve tested it out internally connecting it to Google Workspaces and it works great

1 Like

Thank you. I will check it out. SATOSA proxy also looks interesting: https://github.com/IdentityPython/SATOSA/blob/master/doc/README.md

1 Like

Haven’t heard of that one before. I’ll have to check it out

1 Like

Small update: Jumpcloud has support for OICD with PKCE now. Enabled it and seems to be working well, other than the 1h timeouts even when refresh tokens are enabled(different issue).

Automatic timeout extension seems to be working for VPN now.