What is Shyntr?
Shyntr is a lightweight, visionary Identity Broker designed to bridge the gap between modern applications and diverse Identity Providers. It acts as a universal adapter, unblocking the complexity of authentication protocols so you can focus on building your product.
Identity management is fragmented. Developers are stuck building translation layers between legacy SAML systems, modern OIDC clients, and custom backends. Shyntr unifies this chaos. It does not manage users; it manages the conversation between your users and your applications.
Core Capabilities
The Authentication Hub
Centralize your authentication traffic. Route requests from any application to any identity provider transparently. Shyntr serves as the single point of control for all your authentication flows.
Protocol Translation
Seamlessly bridge the gap between SAML and OpenID Connect/OAuth2:
- Let your modern apps communicate with legacy corporate directories
- Enable legacy applications to integrate with modern social logins
- No protocol expertise required on either end
Rapid Compliance
Instantly provide standard-compliant OIDC endpoints for your custom internal systems without rewriting your security layer.
The Shyntr Ecosystem
Shyntr is headless by design, meaning the core backend strictly handles cryptographic protocols, token generation, and security boundaries. It does not enforce a generic UI.
To provide a complete out-of-the-box experience, the ecosystem includes:
| Component | Description | Repository |
|---|---|---|
| Shyntr Identity Hub | High-performance Go backend - the universal protocol translator and Zero Trust Broker | shyntr/shyntr |
| Shyntr Auth Portal | User-facing Next.js app for Login, Consent, and Logout flows | shyntr/shyntr-auth-portal |
| Shyntr Dashboard | React admin portal for managing Tenants, Connections, and Attribute Mapping | shyntr/shyntr-dashboard |
You can use the provided Auth Portal and Dashboard directly, or build your own custom UIs in any language. The core Identity Hub exposes all functionality via well-documented APIs and CLI.
Core Scenarios
1. The Gateway (Federation)
You have an existing OpenID Connect service (like Auth0, Google, or a custom OIDC Provider), but you need to support SAML enterprise customers.
Shyntr sits in the middle. It accepts the SAML request, translates the handshake, validates the session against your existing OpenID provider, and routes the authenticated user back—all without your Identity Provider needing to know a thing about SAML.
2. The Interface (Custom Provider)
You have a proprietary user database and need to expose it to 3rd party apps via standard OAuth2/OIDC.
Instead of building an OAuth2 engine from scratch, connect Shyntr to your system. Shyntr handles the cryptographic heavy lifting, token generation, and protocol flow, while your system simply approves the login.
Why Choose Shyntr?
| Feature | Benefit |
|---|---|
| Headless Architecture | Full control over your UI/UX |
| Protocol Agnostic | SAML 2.0 and OIDC/OAuth2 support |
| Multi-Tenant Native | Built for SaaS from day one |
| Zero Trust Ready | Enterprise-grade security by default |
| Complete Ecosystem | Auth Portal + Dashboard included |
| Open Source | Apache-2.0 licensed, community-driven |
Quick Start
Get the complete Shyntr ecosystem running in minutes with Docker Compose:
# Create docker-compose.yml (see Docker Compose guide)
# Then start all services
docker-compose up -d
# Access the services:
# - Dashboard: http://localhost:3274
# - Auth Portal: http://localhost:3000
# - OIDC Discovery: http://localhost:7496/.well-known/openid-configuration
- Follow the complete Docker Compose Guide for the full setup
- Learn about the Headless Architecture to understand how Shyntr separates UI from logic
- Explore Protocol Translation to see how SAML and OIDC work together
License
Shyntr is proudly open-source and licensed under the Apache-2.0 license. Check the LICENSE file for details.