SAML Shield

Installation

SAML Shield offers flexible integration paths depending on your team’s infrastructure, security posture, and operational needs. Each option enables pre-processing validation of SAML assertions to detect and block known attack vectors before they reach your application logic.

Deployment options

Select your deployment option to get started:

Architecture diagrams

Open source

Validate SAML assertions locally, directly within your authentication flow.

Open source architecture diagram

Managed

Validate SAML assertions against a Stytch-managed protocol-aware backend.

Managed architecture diagram

Proxy

Validate SAML assertions at the edge before they reach your application.

Proxy architecture diagram


OSS vs. Stytch-managed

Compare features between the two deployment options.

FeaturesOSSStytch-managed
CostFree500 free requests per month + 0.10 cents per request afterwards
Language supportNode.js onlyAny via API
Node.js and Python SDKs
Installation methodNode.js librarySDK and/or proxy
Threat rule updatesManualAutomatic
Centralized logging &
backtesting
Not includedComing soon
Secure 3rd-party appsNot includedProxy support