BluAuth
Sign in

BluAuth Documentation

BluAuth is Blu's centralized identity broker. It federates sign-in to upstream enterprise providers, issues OIDC tokens for downstream Blu apps, and owns the hosted login experience — branding, copy, and the full email lifecycle.

Pick your path

  • Signing in or resetting your password? Start with the password reset guide.
  • Configuring the identity suite for your tenant? Read the admin guides.
  • Building a downstream app that uses BluAuth? Start with OIDC integration.
  • Looking for API shapes, event payloads, or design tokens? Jump to the reference.

For end users

If you're trying to sign in to a Blu app and something isn't working, the user FAQ is where to start. It covers password resets, sign-in troubleshooting, invite-versus-provider mismatches, and two-factor authentication in plain language, with steps you can follow without needing to involve IT. If the email you're expecting never shows up, there's a dedicated guide that walks through the usual causes.

For tenant admins

If you manage BluAuth for your organization, the admin guides cover the day-to-day. Start with the users guide for invitations, role changes, and account merges, then move on to the providers guide for wiring up Google, Microsoft, Okta, or SAML. When you're ready to customize the hosted login UI for your tenant, the theme studio overview walks through logos, colors, copy overrides, and email templates.

For integrators

If you're building a Blu app that signs users in through BluAuth, the integration docs show how. The OIDC flow guide covers the authorization code flow end to end — redirect URLs, scopes, token validation, and session handling. If your app also sends transactional mail, the email triggers reference lists the events BluAuth reacts to so you don't duplicate them in your own app. For the full machine-readable surface, jump to the API reference or the event shapes.

For operators

If you're on call for BluAuth itself, the deployment runbook is the first page to bookmark. It covers deploying to stages, rollbacks, and local ops. Pair it with the errors reference so you can decode anything a user or app is seeing, and the event shapes when you need to trace a flow across services.