Enterprise
Full B2B federation — SAML 2.0 as both Service Provider and Identity Provider, SCIM 2.0 Users + Groups, and LDAP — open-source, no SSO tax.
Qeet ID ships the enterprise federation surface usually reserved for a paid "enterprise" tier — open-source and not paywalled. It works in both directions of SAML, syncs directories with SCIM, and binds to LDAP/AD.
All implemented today
SAML 2.0 SP and IdP, SCIM 2.0 Users + Groups (with PatchOp membership), and LDAP are live. Earlier docs implied SAML/SCIM weren't available — that is no longer true. (Interop/conformance runs against specific vendors are an external validation step, not a code gap.)
Capabilities
SAML SP — consume IdPs
Let customers sign in with their Okta / Entra ID / Google Workspace. SP registry, metadata, AuthnRequest, ACS, JIT provisioning.
SAML IdP — be a source
Qeet ID acts as the IdP: register downstream SPs, publish IdP metadata, serve SP-initiated and IdP-initiated SSO with RSA-SHA256 signed assertions.
SCIM 2.0 — Users + Groups
Okta/Entra-style provisioning + deprovisioning, PatchOp group membership, and per-tenant bearer tokens.
LDAP / AD
Bind-based login plus connection CRUD and a test-bind endpoint.
SAML, both directions
The distinction trips people up, so to be explicit:
| You want… | Qeet ID role | Page |
|---|---|---|
| Your customers' staff to log in with their IdP | Service Provider (SP) | SAML SP |
| Downstream apps to log in with Qeet ID as the IdP | Identity Provider (IdP) | SAML IdP |
SAML assertions (IdP side) are signed RSA-SHA256 and validated against an independent SP library. All connections are per tenant, configurable via the admin dashboard's SAML registries.