One endpoint. Any identity provider.
Broker is Thoryn's flagship product. It acts as an OAuth 2.0 / OIDC authorization hub — brokering identity across enterprise IdPs, EU Digital Wallets, and internal services.
Key features
Protocol translation
SAML, OIDC, eIDAS, and EUDIW — Broker speaks them all and normalises identity into a single token format.
Claim enrichment
Enrich tokens with attributes from any federation member without touching your application code.
PKCE and PAR
RFC 7636 and RFC 9126 enforced by default. No legacy flows.
EU-only data residency
All token issuance and key material stays within EU infrastructure. No CLOUD Act exposure.
Use cases
Enterprise SSO
Give your enterprise customers SSO via their own Okta, Azure AD, or SAML provider — without building the plumbing yourself.
eIDAS 2.0 login
Accept EU Digital Identity Wallets as a first-class identity source for citizens and businesses.
Multi-tenant SaaS
Isolate tenant identity, route login to the correct IdP, and enforce per-tenant MFA policies — all in one place.
FAQ
- Does Broker support SAML?
- Yes — Broker translates SAML 2.0 assertions from upstream enterprise IdPs into OIDC tokens, so your applications only ever speak OIDC.
- Is Broker eIDAS 2.0 compatible?
- Yes. Broker can accept presentations from EUDIW-compatible wallets and translate the PID claims into standard OIDC claims.
- Where does Broker run?
- Broker runs entirely on EU infrastructure. All key material, token issuance, and user data stays within the EU.