White-label API portal authentication with your own IdP

For teams building APIs as products, the developer portal is the front door to your business. It’s where partners discover your endpoints, where customers authenticate and start integrating, and where the quality of the experience directly shapes adoption.  

Now that changes. Today we’re announcing Portal IdP, a new capability in SmartBear Swagger Portal that lets you authenticate external consumers through your own identity provider, delivering a fully white-labelled, securely isolated portal experience that’s purpose-built for APIs as products. Now Swagger Portal customers who want to extend their front door to consumers – partners, third-party developers, enterprise clients, or even internal team members – can do so.  

What is Swagger Portal IdP? 

Swagger Portal delivers application integrity by ensuring APIs are discoverable and continuously aligned with current versions – so teams can evolve APIs rapidly while maintaining consumer confidence. But as more companies began treating their APIs as commercial or partner-facing products, a gap emerged between what the portal could do internally and what consumer use cases demanded. 

Portal IdP is a brand-new capability that enables Swagger Portal customers to authenticate external consumers via their own identity provider, fully white-labelled, cleanly separated from non-consumer users, and built with enterprise-grade security from the ground up. 

Here’s what that looks like in practice. 

Bring your own IdP 

Connect your existing external identity provider to Swagger Portal. Whether your organization uses identity providers that utilize either OIDC (OpenID Connect) SAML, Portal IdP integrates with it. Your consumers will authenticate using your login mechanisms where they are already pre-approved. No more broken authentication workflows. Your IdP, your rules. 

A fully white-label experience 

With Portal IdP, login pages carry your brand. When an external developer lands on your portal’s login screen, they see your logo, your colors, and your messaging. The entire experience reinforces your brand identity, exactly what you need when your API portal is a consumer-facing product. 

A purpose-built, read-only consumer role 

Consumers authenticated through Portal IdP receive a dedicated read-only role that grants access exclusively to the consumer side of your portal. They can browse your API documentation, explore endpoints, and access the resources you’ve published for them. 

Under the hood: How Swagger Portal IdP works 

Swagger Portal IdP is built for enterprise-grade security and simplicity. When a consumer navigates to your portal, they’re presented with your branded login page. They enter credentials that your external identity provider authenticates – Portal never sees or stores these credentials. Your IdP manages access to the Portal. 

Once validated, the consumer receives an isolated, read-only session scoped exclusively to your portal’s consumer experience. This architecture means there’s no overlap between your internal Swagger environment and the Portal consumer experience.  

Swagger Portal IdP empowers user-centric authentication 

Portal IdP transforms Swagger Portal from a powerful internal documentation tool into a fully white-labelled, consumer-facing API product platform that ensures producers and consumers always work from the same source of truth. You can hand your partners, customers, and third-party developers a portal experience that looks, feels, and authenticates like your product, because it is. 

This matters especially for organizations operating at AI speed and scale. If you have hundreds or thousands of external partners who consume your APIs, you no longer need to provision each one as a full Viewer with access to your entire Swagger environment. Instead, you give them exactly what they need – a secure, branded, read-only access to the APIs you’ve published. 

How to get started

Portal IdP is available now. If you’re an existing Swagger Portal customer, reach out to your account team to discuss this feature and start connecting your external identity provider. If you’re evaluating Swagger Portal for the first time, now is the moment to see what a truly white-labelled, enterprise-ready API portal can do for your partner and developer ecosystem. 

Your APIs are your product. It’s time your portal reflected that. 

To learn more about Portal IdP, visit our documentation or contact your account manager.