How OAuth2 SSO Works with Sertone
[Diagram: Server, Control Center, Service]
A service registered on the Sertone network. Corporate employees authenticate via OAuth SSO — Sertone validates the token and routes the call to the protected service.
What is the Sertone control center? A single Docker container you run on your own machine — a laptop, a Raspberry Pi, a cloud server. It connects you to the Sertone Global Network. Through its built-in web console, you browse services, register your own, manage your wallet, and monitor your earnings. Installation takes minutes. It is completely free, forever.
docker run -d --name my-sertone -p 3000:3000 -p 3002:3002 sertone/wrapper:latest
Why Corporate SSO for APIs?
Enterprise API consumers don't want to create individual accounts on every marketplace. They already have an identity provider — Okta, Azure Active Directory, Keycloak, or Auth0. Sertone integrates with any OAuth2 / OIDC provider so employees authenticate with the credentials they already use every day.
When an employee signs in through their corporate SSO, Sertone validates the token, checks their group memberships, and automatically provisions the correct subscription tier. A "Data Engineering" group might get access to streaming APIs, while "Finance" gets access to payment and settlement endpoints. No manual onboarding, no support tickets, no waiting.
For API owners, this means enterprise customers adopt faster and churn less. The IT department approves once, and hundreds of employees get instant access. Billing rolls up to the corporate account, and usage reports integrate with existing dashboards.
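The token validation and group-to-tier mapping described above, as an added sketch that is not Sertone's code. It assumes a JWT with a "groups" claim and uses HS256 with a constructed shared key to stay within the Python standard library, where a corporate IdP would normally sign with an asymmetric key published via JWKS. The issuer, audience, key and tier names are constructed.

```python
import base64, hashlib, hmac, json, time

# Constructed values for this sketch; none of them come from Sertone.
ISSUER = "https://idp.example.com"
AUDIENCE = "sertone-control-center"
KEY = b"constructed-demo-key"
# Hypothetical policy using the two groups named in the text above.
TIER_BY_GROUP = {"Data Engineering": "streaming", "Finance": "payments"}

def b64u_decode(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64u_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def make_token(claims, alg="HS256", key=KEY):
    """Build a constructed sample token so the example runs offline."""
    parts = ({"alg": alg, "typ": "JWT"}, claims)
    signing_input = ".".join(b64u_encode(json.dumps(p).encode()) for p in parts)
    sig = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64u_encode(sig)

def tiers_for_token(token, now=None):
    """Return the tiers a token grants; raise ValueError if any check fails."""
    now = time.time() if now is None else now
    try:
        head_b64, body_b64, sig_b64 = token.split(".")
        header, claims = (json.loads(b64u_decode(p)) for p in (head_b64, body_b64))
        sig = b64u_decode(sig_b64)
        if not (isinstance(header, dict) and isinstance(claims, dict)):
            raise TypeError("header and claims must be JSON objects")
    except Exception as exc:
        raise ValueError("malformed token") from exc
    # Pin the algorithm server-side; the header must not choose it (blocks alg=none).
    if header.get("alg") != "HS256":
        raise ValueError("unexpected algorithm")
    expected = hmac.new(KEY, f"{head_b64}.{body_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        raise ValueError("bad signature")
    if claims.get("iss") != ISSUER:
        raise ValueError("wrong issuer")
    aud = claims.get("aud")
    if AUDIENCE not in (aud if isinstance(aud, list) else [aud]):
        raise ValueError("wrong audience")
    if not isinstance(claims.get("exp"), (int, float)) or claims["exp"] <= now:
        raise ValueError("expired")
    # Default deny: groups without a mapping, or a malformed claim, grant nothing.
    groups = claims.get("groups") if isinstance(claims.get("groups"), list) else []
    return sorted({TIER_BY_GROUP[g] for g in groups if isinstance(g, str) and g in TIER_BY_GROUP})
```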
Live Demo: OAuth2 SSO Flow
Simulated OAuth2 Flow
This demo simulates the full OAuth2 authorization code flow. In production, the user would be redirected to their corporate IdP.
Code Samples
# Call the API through YOUR local Sertone control center
$ curl -X POST https://localhost:3000/internal/call \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer YOUR_CONSUMER_SECRET" \
    -d '{"api_id_public": "API_UUID_FROM_CATALOG", "method": "GET", "path": "/quote/AAPL", "params": {}}'

// Call the API through YOUR local Sertone control center
// Consumer secret is in Settings > Security
const response = await fetch('https://localhost:3000/internal/call', {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Authorization': 'Bearer YOUR_CONSUMER_SECRET'
  },
  body: JSON.stringify({
    api_id_public: 'API_UUID_FROM_CATALOG',
    method: 'GET',
    path: '/quote/AAPL',
    params: {}
  })
});
const data = await response.json();
console.log(data.result);

# Call the API through YOUR local Sertone control center
import requests

response = requests.post(
    'https://localhost:3000/internal/call',
    headers={
        'Content-Type': 'application/json',
        'Authorization': 'Bearer YOUR_CONSUMER_SECRET'
    },
    json={
        'api_id_public': 'API_UUID_FROM_CATALOG',
        'method': 'GET',
        'path': '/quote/AAPL',
        'params': {}
    }
)
print(response.json()['result'])
Self-Host with Corporate SSO
Install the Control Center
Run the free Sertone Docker container. No cloud account needed.
$ docker run -d --name sertone \
    -p 3000-3003:3000-3003 -p 3005-3006:3005-3006 \
    -v sertone-data:/app/data \
    sertone/wrapper:latest
Open the Web Console
Go to https://localhost:3002/panel in your browser. Create your account, accept terms, and your wallet is generated automatically.
Browse the Catalog
Click Catalog & SDKs in the sidebar. Search for APIs, try them in demo mode (free), then switch to production when ready.
Make Your First Call
Copy your consumer secret from Settings > Security, then use the code samples above to call any API from your own code.