Custom SSO providers using SAML or OIDC
Tailscale allows WireGuard® to support several OpenID Connect (OIDC) identity providers, including Google, Azure AD, Okta, and others. Almost everyone can use one of the included providers.
Existing support
We find that almost everyone asking for SAML or OIDC integration is using one of the common providers, particularly Okta or OneLogin.
- Okta activation instructions
- OneLogin activation instructions
- Google, Microsoft, and GitHub login work without any activation.
Custom support
Rarely, you may be operating your own SAML, OAuth2, or OIDC provider. Since every identity provider is different, this usually requires some custom configuration and debugging work. As a result, custom providers are only available with an Enterprise subscription.
For other custom SAML or OIDC providers as part of an Enterprise subscription, contact us.