saas-sso-scim-enterprise-auth

Installation
SKILL.md

SaaS Enterprise Auth — SSO, SCIM, Custom Domain

Acknowledgement: Shared by Peter Bamuhigire, techguypeter.com, +256 784 464178.

Use When

  • Adding enterprise auth to a B2B SaaS — SAML 2.0 (Okta, Azure AD, Ping, OneLogin), OIDC (Auth0, Cognito, custom OPs).
  • Implementing SCIM 2.0 user provisioning/deprovisioning so the buyer's IdP can lifecycle users into your platform.
  • Letting tenants connect their own IdP per tenant (multi-IdP-per-platform).
  • Supporting custom domains (app.customer.com) with automated cert provisioning.
  • Adding IP allowlists per tenant for enterprise-tier security policy.
  • Migrating an existing email-password tenant to IdP-enforced login.
  • Exposing an audit-log API the customer can pull into their SIEM.

Do Not Use When

  • The task is the customer-facing tenant-admin auth screen — use dual-auth-rbac.
  • The task is internal staff auth — use dual-auth-rbac + MFA + the back-office privileged-access workflow in saas-admin-backoffice-tooling.
  • The task is OAuth as a client (calling Google/Stripe APIs) — use vibe-security-skill.
Installs
7
GitHub Stars
21
First Seen
May 14, 2026
saas-sso-scim-enterprise-auth — peterbamuhigire/skills-web-dev