---
title: Overview
path: overview
status: published
---

# Overview

ScaiKey is the identity platform underneath the ScaiLabs ecosystem. It's a multi-tenant OpenID Connect provider with directory services, federated SSO, multi-factor authentication, SCIM provisioning, and machine-to-machine token issuance.

Every application in the ScaiLabs ecosystem authenticates against ScaiKey, and you can register your own apps the same way using standard OAuth 2.0 / OIDC.

## What you'd use it for

- **Single sign-on across multiple apps** — one login, many products, with consistent session management and logout.
- **A place to decide who can access what** — partners, tenants, users, groups, roles, and per-application assignments.
- **Service-to-service tokens** — `client_credentials` and RFC 8693 Token Exchange for backend systems that talk to other backend systems.
- **A SCIM-compatible directory backbone** — let an external HR system provision users into ScaiKey, then have everything downstream see the change.
- **Federation with external IdPs** — bring users in from Azure AD, Okta, Google Workspace, or any OIDC/SAML provider.

## What it isn't

ScaiKey is not a CRM, a billing system, or product analytics. It is the identity layer underneath those — the source of truth for *who* and *what they may do*. Information about *who paid for what* lives in product-specific systems.

## How to read these docs

- New here? Start with [Quickstart](/docs/scaikey/quickstart) — five minutes from registering an application to getting a working access token.
- Want the mental model? Read [Concepts](/docs/scaikey/concepts) end-to-end.
- Integrating an app right now? Jump to [Tutorials](/docs/scaikey/tutorials).
- Looking up an endpoint, scope, or event type? [Reference](/docs/scaikey/reference) is the authoritative listing.
- Hit a 401 or 403 you don't understand? [Troubleshooting](/docs/scaikey/troubleshooting).