How we added Single-Sign-On (SSO) functionality to our open source API gateway
Blog post from Tyk
Tyk, an open-source API gateway, introduced Single-Sign-On (SSO) functionality after receiving feedback from its user community, marking the first open-source RBAC SSO integration. The development process involved extensive community engagement to gather diverse requirements, which identified key needs such as SSO, Role-Based Access Control (RBAC), and Multi-factor Authentication (MFA). The implementation began with a Minimum Viable Product (MVP) in version 2.4, which included LDAP support, custom login page creation, and basic permission setting for SSO users. Subsequent updates aimed to support integration with third-party Identity Providers (IdPs) using OpenID Connect and to enhance the Tyk Dashboard Admin API for creative SSO integrations. Future plans include adding SAML support and expanding RBAC functionality, with ongoing community involvement to refine and prioritize these developments.