Pomerium provides authentication through your existing identity provider (**IdP**) and supports all major single sign-on (**SSO**) providers.

Pomerium uses the OAuth 2.0 and OIDC protocols to integrate with your IdP so you can configure any IdP solution that supports these protocols.

The steps to integrate your IdP with Pomerium vary depending on your provider, but all IdPs generally require the following settings:

- **[Redirect URI](https://www.oauth.com/oauth2-servers/redirect-uris/)**
- **[Client ID]**
- **[Client Secret]**

The **Redirect URI** should include your [Authenticate Service URL](https://www.pomerium.com/docs/reference/service-urls.md#authenticate-service-url) with `/oauth2/callback` in the URL path.

For example, `https://{authenticate_service_url}.com/oauth2/callback`.

See the guides in this section for specific steps to integrate your IdP with Pomerium.

If you want to try out Pomerium without configuring an IdP, you can use our [Hosted Authenticate Service](https://www.pomerium.com/docs/capabilities/authentication.md#hosted-authenticate-service) instead.

[client id]: https://www.pomerium.com/docs/reference/identity-provider-settings.md#identity-provider-client-id

[client secret]: https://www.pomerium.com/docs/reference/identity-provider-settings.md#identity-provider-client-secret

[environmental variables]: https://en.wikipedia.org/wiki/Environment_variable

[oauth2]: https://oauth.net/2/

[openid connect]: https://en.wikipedia.org/wiki/OpenID_Connect
