diff --git a/docs/kratos/applications/applications.mdx b/docs/kratos/applications/applications.mdx
new file mode 100644
index 000000000..e7b860c78
--- /dev/null
+++ b/docs/kratos/applications/applications.mdx
@@ -0,0 +1,192 @@
+---
+id: applications
+title: Manage SAML 2.0 Applications
+sidebar_label: SAML Applications
+---
+
+:::info
+
+SAML applications are only available in Ory Network and are not supported in self-hosted Ory Kratos. If you have any questions, or
+if you would like more information about transitioning to Ory Network, please don't hesitate to
+[reach out](https://www.ory.sh/contact/).
+
+:::
+
+Ory is now a SAML 2.0 Identity Provider, enabling you to connect your Ory-managed identities to third-party SAML-compatible
+applications.
+
+**Key Capabilities**
+
+- Configure Ory as a SAML IdP to external applications (SPs)
+- Configure SAML applications with ACS URLs and Entity IDs
+- Support for SP-initiated login flows
+- Attribute mapping from Ory identities to SAML assertions (NameID, email, roles, etc.)
+- Metadata endpoint to allow easy SP registration
+
+**Example Use Cases**
+
+- Enable SSO into your internal tools using Ory as the identity source
+- Connect to enterprise SaaS apps that support SAML (e.g., Salesforce, Zendesk, GitLab)
+- Allow federated login across business units or customer organizations
+
+This documentation article explains how to manage SAML applications clients using the Ory Console, Ory SDK, Ory CLI, and Ory REST
+APIs.
+
+## Create SAML application
+
+To create a new SAML application, use the following methods:
+
+````mdx-code-block
+import Tabs from '@theme/Tabs'
+import TabItem from '@theme/TabItem'
+
+
+
+
+The Ory Console is a web-based user interface that allows you to manage SAML applications. To create a new application:
+
+1. Go to
+2. Click **Add new SAML application** and complete the form.
+
+
+
+
+```shell
+ory create oauth2-client \
+ --grant-type authorization_code --grant-type refresh_token --grant-type client_credentials \
+ --response-type code \
+ --scope openid --scope offline_access \
+ --token-endpoint-auth-method client_secret_post \
+ --redirect-uri https://my-app.com/callback --redirect-uri http://my-other-app.com/callback
+```
+
+
+
+
+```mdx-code-block
+import CodeBlock from '@theme/CodeBlock'
+import createTs from '!!raw-loader!../../../code-examples/sdk/typescript/src/oauth2/client-create.ts'
+
+{createTs}
+```
+
+
+
+
+See [API documentation](../../reference/api#tag/oAuth2/operation/createOAuth2Client).
+
+
+
+````
+
+## Update SAML application
+
+To update an existing SAML application, use the following methods:
+
+````mdx-code-block
+
+
+
+1. Go to .
+2. Locate the application you want to update.
+3. Click on the **pen symbol** to update the application's configuration.
+3. When you are finished, scroll to the top and click **Save**.
+
+
+
+
+```
+ory update oauth2-client --project --workspace {client.id} \
+ --grant-type authorization_code --grant-type refresh_token --grant-type client_credentials \
+ --response-type code \
+ --scope openid --scope offline_access \
+ --token-endpoint-auth-method client_secret_post \
+ --redirect-uri https://a-new-callback
+```
+
+
+
+
+```mdx-code-block
+import updateTs from '!!raw-loader!../../../code-examples/sdk/typescript/src/oauth2/client-update.ts'
+
+{updateTs}
+```
+
+
+
+
+See [API documentation](../../reference/api#tag/oAuth2/operation/setOAuth2Client).
+
+
+
+````
+
+## Patch SAML application
+
+To partially update an existing SAML application, use the following methods:
+
+````mdx-code-block
+
+
+
+1. Go to .
+2. Locate the application you want to update.
+3. Click on the **pen symbol** to update the application's configuration.
+3. When you are finished, scroll to the top and click **Save**.
+
+
+
+
+```mdx-code-block
+import patchTs from '!!raw-loader!../../../code-examples/sdk/typescript/src/oauth2/client-patch.ts'
+
+{patchTs}
+```
+
+
+
+
+See [API documentation](../../reference/api#tag/oAuth2/operation/patchOAuth2Client).
+
+
+
+````
+
+## Delete SAML application
+
+To delete an existing SAML application, use the following methods:
+
+````mdx-code-block
+
+
+
+1. Go to .
+2. Locate the application you want to update.
+3. Click on **trash bin symbol** to update the application's configuration.
+3. Confirm the dialog to complete the deletion.
+
+
+
+
+```
+ory delete oauth2-client {client.id}
+```
+
+
+
+
+```mdx-code-block
+import clientDeleteTs from '!!raw-loader!../../../code-examples/sdk/typescript/src/oauth2/client-delete.ts'
+
+{clientDeleteTs}
+```
+
+
+
+
+See [API documentation](../../reference/api#tag/oAuth2/operation/deleteOAuth2Client).
+
+
+
+````
diff --git a/src/components/ConsoleLink/console-nav-data.ts b/src/components/ConsoleLink/console-nav-data.ts
index 96cdc6d0d..215f00213 100644
--- a/src/components/ConsoleLink/console-nav-data.ts
+++ b/src/components/ConsoleLink/console-nav-data.ts
@@ -92,6 +92,10 @@ export const authenticationPaths: Path[] = [
title: "Enterprise SSO",
href: routes.project.authentication.organizations.route,
},
+ {
+ title: "SAML Applications",
+ href: routes.project.authentication.applications.route,
+ },
{
title: "Account recovery",
href: routes.project.recovery.route,
diff --git a/src/components/ConsoleLink/console-routes.ts b/src/components/ConsoleLink/console-routes.ts
index 78b523cb9..ae7b90e15 100644
--- a/src/components/ConsoleLink/console-routes.ts
+++ b/src/components/ConsoleLink/console-routes.ts
@@ -234,6 +234,11 @@ export const routes = {
`/projects/${project}/authentication/organizations/${id}`,
},
},
+ applications: {
+ route: "/projects/[project]/authentication/applications",
+ href: (project: string) =>
+ `/projects/${project}/authentication/applications`,
+ },
},
hostedUI: {
registration: (base: string) => `${base}/registration`,
diff --git a/src/sidebar.ts b/src/sidebar.ts
index 79976f641..576c26de6 100644
--- a/src/sidebar.ts
+++ b/src/sidebar.ts
@@ -313,6 +313,7 @@ const kratos: SidebarItemsConfig = [
"kratos/passwordless/one-time-code",
"kratos/passwordless/passkeys",
"kratos/organizations/organizations",
+ "kratos/applications/applications",
"kratos/emails-sms/custom-email-templates",
],
},