SSO and user management API


Zato offers a series of secure REST endpoints that let applications manage users in an API-driven manner - everything from sign-up, sessions to password reset is accessible through APIs, without a need for applications to maintain their own databases or servers.

All of the endpoints are SSO-aware (Single Sign-On) which allows people to transparently make use of multiple applications without a need for entering credentials in each one.

The same functionality is available to programmers developing Zato services in Python - opening doors to endless API interaction possibilities - from synchronization using IBM MQ, through FTP data export, ZeroMQ alerts to AMQP events and more, there are no limits to the kind of authentication processes that can be handled.

Key features

  • Powerful yet straightforward
  • Programming-language independent, may be used from Python, JavaScript, Java, .NET or others
  • Very well suited for modern mobile, serverless, WebSocket-based or single-page applications
  • Secure storage, including encryption and customizable password hashing with strong defaults
  • Supports a variety of workflows, easy to plug into new or existing environments
  • Audit log to trace access to PII (Personally Identifiable Information)
  • Can be easily scripted from command line

Topic guides

Topic Description
Quick reference All API calls and methods
Users Create, manage and access user accounts
Sessions Logging users in or out and checking their existing sessions
Passwords Enforcement and validation of user passwords
Password reset How to reset user passwords
Configuration Fine-tuning the system
Audit What kind of information is stored where, when and how to access it
Command line interface Shell commands for admins to use
Status codes Warnings and errors returned by APIs

Schedule a meaningful demo

Book a demo with an expert who will help you build meaningful systems that match your ambitions