Skip to content
Scalekit Docs

Scalekit Docs

Plug-n-play auth for B2B SaaS
Start building Sign up

Scalekit helps you quickly add enterprise authentication to your B2B SaaS app without engineering overhead. It provides plug-and-play auth solutions like SSO, SCIM, and Social Logins.

Built for B2B use cases, Scalekit natively supports multi-tenancy and organization management. You can test auth flows in sandbox environments, simulate SSO without real IdP accounts, and deploy instantly with prebuilt integrations for Okta, Entra ID, JumpCloud, Google SSO, and Azure AD—no custom code required.

SSO

  • SAML and OIDC supported
  • Prebuilt integrations with IdPs like Okta, Entra ID, Google SSO, and more
  • Includes SP-initiated and IdP-initiated SSO flows

SSO Quickstart →

SCIM

  • Automate user provisioning, de-provisioning, from directories and HR systems

  • Assign roles using groups and custom attributes defined in directories

  • Single API for all integrations with Azure AD, Google Workspace, Rippling, and more directories

    SCIM Quickstart →
MCP Auth OAuth 2.1 authorization for Model Context Protocol (MCP) servers
API Auth OAuth 2.1 authorization for your API to facilitate Service Principals, M2M Authentication, and more
Passwordless Auth Enable secure, verified logins to your customers via Email OTP or Magic Links or Both
Social Logins Enable OAuth-based logins with Google, Microsoft, GitHub, and more

How it works

Play

Implement SSO in minutes

Play

SCIM - Automate user lifecycle


Frequently Asked Questions

What Identity Providers are supported for SSO?

SSO includes native, prebuilt integrations with all identity providers including Okta, Entra ID (Azure AD), JumpCloud, Google SSO, and more. Works out-of-box with SAML and OIDC.

What directories are supported for SCIM?

Scalekit provides a single API with a unified data format for multi-directory integration. SCIM solution includes corporate directories and HRMS systems like Okta, Azure AD, Rippling, Google Workspace, and more. For directories that do not offer native SCIM support, we provide batch APIs for user provisioning.

What’s Admin Portal?

Admin Portal enables your customers to self-serve manage SSO and SCIM configurations, thus reducing engineering and support overhead for your team. Using Admin Portal, IT admins (in your customers’ organizations) can set up authentication connections, test SSO flows, map custom user attributes, and more. The portal can be embedded into your app with a fully branded UI or shared as a standalone link.

How does Scalekit handle multi-tenancy?

Scalekit is designed with native multi-tenancy and follows organization-first data model. Each organization in your app can have its own authentication policies, SSO/SCIM configuration—without requiring custom code.

Does Scalekit support both SP-initiated and IdP-initiated SSO?

Yes, we support both SP-initiated and IdP-initiated SSO flows for seamless enterprise authentication.

Can I test SSO flows before going live?

Yes, Scalekit provides a built-in IdP Simulator to validate SSO flows in a sandbox environment without affecting production. No real IdP accounts are needed. Test real-world edge cases and simulate error scenarios before deployment.

What user attributes can be mapped through SSO and SCIM?

Scalekit supports both default and custom attributes. You can define custom attributes and roles in your app and map them from identity providers (SSO) and directories (SCIM). This is a self-serve configuration, manageable by both your team and your customers.

What deployment options are available?

Scalekit is a multi-tenant auth platform hosted on public cloud infrastructure. Each of your workspace and environment is logically isolated, ensuring strict data security and access controls.

Where is my data stored?

Currently, our data centers are hosted in the US region, and we use Google Cloud Platform (GCP) as our cloud provider.

We have a robust security and compliance posture:

  • SOC 2 & ISO 27001: Scalekit is a SOC 2 and ISO 27001 compliant authentication provider.
  • GDPR: We are GDPR compliant, utilizing Standard Contractual Clauses (SCCs) to ensure data protection. This allows us to successfully support customers from the EU region.
  • No PII Storage: We only persist configuration and metadata. As part of our solution, we do not store any user or PII information in our persistent database stores.
  • Log Retention: All access and authentication logs are stored for only 30 days and are automatically purged on a rolling 30-day basis.

For more details, please see our additional resources: