SSO (Vectora Auth)
Vectora Auth is Vectora’s independent identity system. It allows organizations to manage access to code intelligence sovereignly and in isolation.
Standalone Identity
Unlike previous versions, Vectora now operates its own identity provider or allows connection with external providers (BYOI - Bring Your Own Identity).
SSO Options
Vectora supports integration with leading market providers via standard protocols:
- OAuth2 / OpenID Connect (OIDC): Connect Vectora directly to Google Workspace, GitHub Enterprise, Okta, or Auth0.
- SAML 2.0: Robust integration with Microsoft Azure AD and other enterprise providers.
Provider Configuration
To configure an external provider, add the credentials to your configuration file or environment variables:
VECTORA_AUTH_METHOD=oidc
VECTORA_OIDC_ISSUER=https://accounts.google.com
VECTORA_OIDC_CLIENT_ID=your_client_id
VECTORA_OIDC_CLIENT_SECRET=your_client_secretAuthentication Flow
- The user requests access via CLI or Interface.
- Vectora redirects to the configured SSO provider.
- After login, Vectora issues a locally signed Vectora JWT.
- This token is used for all interactions with the search engine and MCP tools.
External Linking
| Concept | Resource | Link |
|---|---|---|
| OpenID Connect | OIDC Core 1.0 Specification | openid.net/specs/openid-connect-core-1_0.html |
| JWT | RFC 7519: JSON Web Token Standard | datatracker.ietf.org/doc/html/rfc7519 |
| OAuth 2.0 | RFC 6749: The OAuth 2.0 Authorization Framework | datatracker.ietf.org/doc/html/rfc6749 |
| MCP | Model Context Protocol Specification | modelcontextprotocol.io/specification |
| MCP Go SDK | Go SDK for MCP (mark3labs) | github.com/mark3labs/mcp-go |
Part of the Vectora ecosystem · Open Source (MIT) · Contributors