Standards
Speaks the standards your security team expects.
SCIM for directory and lifecycle sync. OIDC and OAuth 2.0 for sign-in and connector auth. Part of the platform's authentication and sync layers from day one — not a retrofit.
What's supported.
The short list of what a security reviewer actually cares about — at the depth the review questionnaire asks for.
- SSO — OIDC
- Tenant-configured external sign-in. Google ships with managed credentials; Microsoft, Okta, and custom OIDC providers use tenant-supplied configuration. Domain allowlists, verified-email requirements, account linking, and optional just-in-time user provisioning are first-class settings — not bolt-ons.
- SCIM — directory and lifecycle sync
- Owlie's config-driven SCIM 2.0 connector reads users, groups, and memberships from a SCIM source and provisions accounts and groups back out to SCIM targets — Owlie is the client to the external system, not a hosted endpoint your IdP pushes into. Shipped presets cover AWS IAM Identity Center, Databricks, Snowflake, and GitHub Enterprise Managed Users; a standards-compliant server needs little more than a base URL and auth. Field shapes and lifecycle semantics depend on the target system, so coverage is scoped, documented, and honest about what each side supports.
- OAuth 2.0 — throughout the integrations layer
- Native connectors support authorization-code flow, client credentials, and JWT bearer, as declared by the target system. The in-app builder covers the authorization-code and client-credentials flows: pick the flow, store credentials under tenant-scoped encryption, and refresh tokens without custom code.
What's not at launch.
We don't ship every standards variant. SAML 2.0 is on the roadmap, not at launch — external sign-in is OIDC-based today. Proprietary SSO flavors and obscure federation profiles aren't in launch scope either. If your stack needs one, tell us.
Keep reading.
Integrations overview
Connectors, the builder, and everything in between.
Security
Tenant isolation, session model, Trust Center, SOC 2 program status.
Custom connectors
The in-app builder for systems we don't ship native coverage for.
Request an integration
Tell us which system. We'll say yes, no, or builder.