Identity Provider Configuration

Pomerium provides authentication through your existing identity provider (IdP) and supports all major single sign-on (SSO) providers.

Pomerium uses the OAuth 2.0 and OIDC protocols to integrate with your IdP so you can configure any IdP solution that supports these protocols.

The steps to integrate your IdP with Pomerium vary depending on your provider, but all IdPs generally require the following settings:

• Redirect URI
• Client ID
• Client Secret

The Redirect URI should include your Authenticate Service URL with /oauth2/callback in the URL path.

For example, https://{authenticate_service_url}.com/oauth2/callback.

See the guides in this section for specific steps to integrate your IdP with Pomerium.

tip

If you want to try out Pomerium without configuring an IdP, you can use our Hosted Authenticate Service instead.

Identity provider guides

📄️ Apple

Integrate single sign-on with Apple and Pomerium.

📄️ Auth0

This page documents configuring an Auth0] Web Application and Machine to Machine Application for Pomerium to read user data. It assumes you have already [installed Pomerium.

📄️ Cognito

This document describes the use of AWS Cognito as an identity provider with Pomerium. It assumes you have already installed Pomerium

📄️ GitHub

This document describes the use of GitHub as an identity provider for Pomerium. It assumes you have already installed Pomerium.

📄️ GitLab

This document details how to use GitLab as an identity provider with Pomerium. It assumes you have already installed Pomerium.

📄️ Google

This guide covers the basics of setting up Pomerium to use GCP and Google Workspace / G Suite as your identity provider.

📄️ Microsoft Entra ID (Azure AD)

Learn how to configure Microsoft Entra ID (formerly known as Azure Active Directory) as an identity provider that works with Pomerium Core and Enterprise.

📄️ OIDC

Learn how integrate a generic OIDC provider with Pomerium.

📄️ Okta

Okta is a popular identity provider used by businesses of all sizes. Integrating Pomerium with Okta allows you to use the identity Okta provides to apply context-driven policies from Pomerium to your infrastructure.

📄️ OneLogin

This doc describes how to create an OIDC app in [OneLogin] for Pomerium and connect to it. It assumes you have already [installed Pomerium].

📄️ Ping

Learn how to configure Ping Identity as an identity provider that works with Pomerium to authenticate users.