Documentation
All guides
AuthServer for identity and sessions, FGA for hierarchical authorization, and a shared example stack.
For agents: Start with the Documentation Index for a complete map of guides, URLs, and APIs.
Install, configure, and run the SqlOS example stack.
Organizations, users, sessions, OIDC providers, SAML SSO, and the auth dashboard.
Identity, sessions, organizations, and SSO in one embedded module.
Manage auth and authorization from the embedded admin UI.
Use SqlOS as the authorization server while your app owns the login UI.
Choose the right auth presentation mode for your app.
Step-by-step implementation guide for custom authorize pages.
Create tenants and manage multi-org membership.
Configure SAML enterprise SSO for organizations.
Create users and manage credentials.
Assign users to organizations with roles.
Register OAuth client applications with redirect URIs.
Authenticate users with email and password.
Route users to password or SSO by email domain.
Access tokens, refresh tokens, validation, and session lifecycle.
Validate access tokens and extract user claims.
Configure Google, Microsoft, Apple, and custom OIDC providers.
Rotate refresh tokens, switch organizations, and revoke sessions.
Configure session lifetimes and token expiration.
Configure Google OAuth for SqlOS AuthServer.
Configure Microsoft Entra OAuth for SqlOS AuthServer.
Configure Sign in with Apple for SqlOS AuthServer.
Connect any OIDC-compliant provider.
Resource hierarchy, grants, roles, permissions, and EF Core query-time filtering.
Hierarchical authorization for .NET apps with query-time filtering.
Resources, subjects, roles, permissions, and grants.
Define roles as named sets of permissions.
Permission keys scoped to resource types.
Assign roles to subjects on resources.
Model your app's data as a tree for inherited permissions.
Users, agents, service accounts, and groups.
Connect your EF Core entities to the FGA resource tree.
Point-check whether a subject can perform an action.
Browse resources, manage grants, and test access decisions.
Filter EF Core queries by authorization at query time.
Fetch and authorize a single entity in one call.
Authorize writes and create resources in the hierarchy.
Root-level permission checks for global gates.
Add resources to the FGA hierarchy.
Sync AuthServer users and memberships into FGA subjects and grants.
SDK methods, API endpoints, and contract types.
All SqlOS services, methods, and contracts.
HTTP endpoints for auth, admin, and FGA.
Complete method reference for CheckAccess, GetAuthorizationFilter, CreateResource, PagedSpec, and more.
Complete method reference for login, signup, SSO, OIDC, token management, and admin operations.