If you want to view the SDK documentation for Application Management, click here.
Descope allows you to configure Applications within the Applications
page. Within this page, you can configure your OIDC and SAML applications.
When using OIDC applications, Descope becomes the Federated Identity Provider allowing you to unify your user's login experience across
multiple providers.
When using Descope SAML applications, Descope becomes the Identity Provider itself.
This page is an overview of the OIDC and SAML protocols that Application support.
It also highlights the difference between an IdP and SP as it relates to Applications, and how you can associate Applications with users.
You can learn more about creating new applications within Descope from the following documentation guides: SAML Applications or OIDC Applications. The guides walk you through
how to set up an SSO Application from one of our Application Library templates (including Zendesk, Salesforce, Azure Entra ID, and more), or create a Generic OIDC or SAML application.
Note
Configuring custom applications is an Pro/Enterprise-tier feature.
Users can be associated with Applications when using Descope as a SAML/OIDC provider. If you wish to restrict the user's ability to sign up or in, with a specific Application, you can utilize this feature to do so. You can do this either in the Console or via the Management SDKs.
import DescopeClient from '@descope/node-sdk';const managementKey = "xxxx"try{ // baseUrl="<URL>" // When initializing the Descope clientyou can also configure the baseUrl ex: https://auth.company.com - this is useful when you utilize CNAME within your Descope project. const descopeClient = DescopeClient({ projectId: '__ProjectID__', managementKey: managementKey });} catch (error) { // handle the error console.log("failed to initialize: " + error)}// Note that you can handle async operation failures and capture specific errors to customize errors.// An example can be found here: https://github.com/descope/node-sdk?tab=readme-ov-file#error-handling
Create a new OIDC Application with the given name. Application IDs are provisioned automatically
but can be explicitly configured if needed. Both the name and ID must be unique per project.
// Args:// oidcApplicationOptions (OidcApplicationOptions): Options for the OIDC Application create and updateconst oidcApplicationOptions = { "name": "My OIDC Application", "loginPageUrl": "https://my-idp-application.com/login", // "id": (optional), "description": "This is my OIDC Application", "logo": "https://my-idp-application.com/logo", "enabled": true}const resp = await descopeClient.management.ssoApplication.createOidcApplication(oidcApplicationOptions)if (!resp.ok) { console.log("Failed to create OIDC Application.") console.log("Status Code: " + resp.code) console.log("Error Code: " + resp.error.errorCode) console.log("Error Description: " + resp.error.errorDescription) console.log("Error Message: " + resp.error.errorMessage)}else { console.log("Successfully created OIDC Application.") console.log(resp.data)}
Create a new SAML Application with the given name. Application IDs are provisioned automatically
but can be explicitly configured if needed. Both the name and ID must be unique per project.