Skip to main content
Noxus provides a flexible and secure authentication system designed for enterprise environments. While Auth0 is utilized as the default underlying identity provider, the platform’s behavior is managed through a comprehensive auth_config system.

Supported Connections

Noxus supports multiple authentication methods, allowing you to mix and match providers based on your security requirements.

Social & OAuth

Native support for Google OAuth2, GitHub, and Microsoft (Windows Live) logins.

Enterprise SSO

Robust SAML and SAMLP integration for seamless federation with corporate identity providers.

Configuration Surface (auth_config)

The platform’s authentication behavior is governed by a central configuration schema that controls everything from branding to complex attribute mapping.

Whitelabeling & UI

Customize the login experience to match your corporate identity:
  • Logo & Size: Configure custom whitelabel_logo and adjust its display size.
  • Branding: Set a custom whitelabel_name and whitelabel_primary_color.

Security & Tenant Policies

  • Domain Restriction: Use allowed_domains or allowed_email_pattern to restrict access to specific corporate domains.
  • Email Verification: Enforce force_email_verification for all new signups.
  • MFA: Globally require multi-factor authentication via require_mfa.
  • Session Control: Define session_duration_hours to manage login persistence.

Workspace & Onboarding

  • Autojoin: Automatically assign new users to a specific tenant via autojoin_tenant_id.
  • Personal Workspaces: Toggle create_personal_workspace to control whether users get an isolated sandbox upon signup.
  • Onboarding: Use skip_onboarding for a more streamlined entry for experienced users.

SAML Attribute Mapping

For enterprise deployments using SAML, Noxus offers an advanced Attribute Mapping engine. This allows you to autonomously manage user permissions based on their identity provider groups or attributes.

Mapping Rules

You can define rules that match specific SAML attributes (e.g., groups, department, role) using modes like exact, contains, or regex.

Automated Provisioning

When a rule matches, Noxus can:
  • Assign Workspaces: Automatically add users to specific workspaces with predefined roles (Admin, Editor, Reader).
  • Create Workspaces: Dynamically create workspaces on-the-fly if they don’t exist.
  • Set Tenant Roles: Assign the user’s global role within the organization.
  • Default Workspaces: Set a specific workspace as the user’s default landing environment.

Redirect Management

Noxus supports sophisticated redirect logic to handle complex multi-domain environments. You can define a redirect_map that routes users to different URLs based on their login domain, including support for wildcard patterns (e.g., *.example.com).

Authorization

Learn how to manage permissions after a user is authenticated.

Secrets Management

See how to securely store your authentication credentials.