SAML Shield offers flexible integration paths depending on your team’s infrastructure, security posture, and operational needs. Each option enables pre-processing validation of SAML assertions to detect and block known attack vectors before they reach your application logic.
Select your deployment option to get started:
Open source
Self-contained, open source Node.js library for full control.
Recommended for
Managed
Hosted service accessible via Node.js & Python SDKs or HTTP API.
Recommended for
Proxy
Forward SAML responses to SAML Shield for edge validation.
Recommended for
Validate SAML assertions locally, directly within your authentication flow.
Validate SAML assertions against a Stytch-managed protocol-aware backend.
Validate SAML assertions at the edge before they reach your application.
Compare features between the two deployment options.
Features | OSS | Stytch-managed |
---|---|---|
Cost | Free | 500 free requests per month + 0.10 cents per request afterwards |
Language support | Node.js only | Any via API Node.js and Python SDKs |
Installation method | Node.js library | SDK and/or proxy |
Threat rule updates | Manual | Automatic |
Centralized logging & backtesting | Not included | Coming soon |
Secure 3rd-party apps | Not included | Proxy support |