diff --git a/sso.schema.yml b/sso.schema.yml
new file mode 100644
index 0000000..b179614
--- /dev/null
+++ b/sso.schema.yml
@@ -0,0 +1,156 @@
+title: SSO Configuration
+description: Variables de personnalisation de votre serveur SSO
+type: object
+properties:
+ cadoles_pod_debian_repository_url:
+ description: URL du dépôt Debian Cadoles
+ type: string
+ cadoles_pod_debian_repository:
+ description: Segment du dépôt Debian à utiliser
+ type: string
+ cadoles_pod_debian_repository_key_url:
+ description: URL de la clé GPG du dépôt Debian Cadoles
+ type: string
+
+ haproxy_package_version:
+ description: Version du paquet 'haproxy' (* pour dernière version disponible)
+ type: string
+ cadoles_pod_hydra_v1_package_version:
+ description: Version du paquet 'cadoles-pod-hydra-v1' (* pour dernière version disponible)
+ type: string
+ cadoles_pod_hydra_dispatcher_v1_package_version:
+ description: Version du paquet 'cadoles-pod-hydra-dispatcher-v1' (* pour dernière version disponible)
+ type: string
+ cadoles_pod_shibboleth_sp_v3_package_version:
+ description: Version du paquet 'cadoles-pod-shibboleth-sp-v3' (* pour dernière version disponible)
+ type: string
+ cadoles_pod_hydra_remote_user_v1_package_version:
+ description: Version du paquet 'cadoles-pod-hydra-remote-user-v1' (* pour dernière version disponible)
+ type: string
+ cadoles_pod_hydra_passwordless_v1_package_version:
+ description: Version du paquet 'cadoles-pod-hydra-passwordless-v1' (* pour dernière version disponible)
+ type: string
+
+ hydra_use_external_database:
+ type: boolean
+ description: Utiliser une base de données externe ?
+ hydra_database_name:
+ type: string
+ description: Nom de la base de données Hydra
+ hydra_database_user:
+ type: string
+ description: Utilisateur pour la base de données Hydra
+ hydra_database_password:
+ type: string
+ description: Mot de passe pour la base de données Hydra
+ hydra_database_host:
+ type: string
+ description: Hôte de la base de données Hydra
+ hydra_database_port:
+ type: number
+ description: Port de la base de données Hydra
+
+ haproxy_public_base_url:
+ type: string
+ description: URL de base pour le serveur SSO
+ haproxy_hydra_dispatcher_base_path:
+ type: string
+ description: Chemin du point d'entrée d'hydra-dispatcher
+ haproxy_hydra_passwordless_base_path:
+ type: string
+ description: Chemin du point d'entrée d'hydra-passwordless
+ haproxy_hydra_saml_base_path:
+ type: string
+ description: Chemin du point d'entrée d'hydra-remote-user (SAML)
+
+ haproxy_forwarded_proto:
+ type: string
+ haproxy_forwarded_host:
+ type: string
+ haproxy_forwarded_port:
+ type: string
+
+ hydra_urls_self_issuer_url:
+ type: string
+ hydra_urls_consent:
+ type: string
+ hydra_urls_login:
+ type: string
+ hydra_urls_logout:
+ type: string
+
+ hydra_log_level:
+ type: string
+ hydra_log_leak_sensitive_values:
+ type: boolean
+
+ # This value should not be changed after first deployment !
+ hydra_secrets_seed:
+ type: string
+
+ # Hydra clients
+
+ hydra_clients:
+ type: array
+ items:
+ type: object
+ properties:
+ client_id:
+ type: string
+ client_name:
+ type: string
+ client_secret:
+ type: string
+
+ # Hydra Passwordless configuration
+
+ enable_hydra_passwordless:
+ type: boolean
+ hydra_passwordless_app_title:
+ type: string
+ hydra_passwordless_app_description:
+ type: string
+ hydra_passwordless_app_icon_url:
+ type: string
+ hydra_passwordless_smtp_host:
+ type: string
+ hydra_passwordless_smtp_port:
+ type: number
+ hydra_passwordless_smtp_user:
+ type: string
+ hydra_passwordless_smtp_password:
+ type: string
+ hydra_passwordless_smtp_insecure_skip_verify:
+ type: boolean
+ hydra_passwordless_smtp_use_start_tls:
+ type: boolean
+ hydra_passwordless_sender_address:
+ type: string
+ hydra_passwordless_sender_name:
+ type: string
+
+ enable_hydra_saml:
+ type: boolean
+ hydra_saml_app_title:
+ type: string
+ hydra_saml_app_description:
+ type: string
+ hydra_saml_app_icon_url:
+ type: string
+ hydra_saml_idp_entity_id:
+ type: string
+ hydra_saml_idp_metadata_url:
+ type: string
+
+ # OIDC Test configuration
+
+ enable_oidc_test_app:
+ type: boolean
+ oidc_test_app_public_base_url:
+ type: string
+ oidc_test_app_client_id:
+ type: string
+ oidc_test_app_client_secret:
+ type: string
+
+additionalProperties: true
\ No newline at end of file
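Review bot: The two security-weakening toggles, `hydra_log_leak_sensitive_values` and `hydra_passwordless_smtp_insecure_skip_verify`, are declared as bare booleans with no `description` or `default`, unlike the documented properties at the top of the schema, so an operator gets no hint that (judging by the names) one writes sensitive values to logs and the other disables TLS certificate verification towards the SMTP server. I would give each a `default: false` and a description, for example `description: Désactive la vérification du certificat TLS du serveur SMTP (tests uniquement)`. The secret-bearing strings (`hydra_database_password`, `hydra_secrets_seed`, `client_secret`, `hydra_passwordless_smtp_password`, `oidc_test_app_client_secret`) could also carry `writeOnly: true` so that tooling built on the schema does not echo them back, provided the consumer honours that keyword. The two ports are typed `number`, which accepts fractions and out-of-range values; `type: integer` with `minimum: 1` and `maximum: 65535` is tighter, and the closing `additionalProperties: true` lets a misspelled key pass validation silently and fall back to whatever default the deployment uses.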