Auth0

Learn how to configure a connection to Auth0 via SAML.

Introduction

Each SSO Identity Provider requires specific information to create and configure a new Connection. Often, the information required to create a Connection will differ by Identity Provider.

To create a Auth0 SAML Connection, you’ll need the Identity Provider metadata that is available from the organization’s Auth0 instance.

Start by logging in to your WorkOS dashboard and browse to the “Organizations” tab on the left hand navigation bar.

Select the organization you’d like to configure an Auth0 SAML Connection for, and select “Manually Configure Connection” under “Identity Provider”.

A screenshot showing where to find "Manually Configure Connection" in the WorkOS Dashboard.

Select “Auth0 SAML” from the Identity Provider dropdown, enter a descriptive name for the connection, and then select the “Create Connection” button.

A screenshot showing "Create Connection" details in the WorkOS Dashboard.

What WorkOS Provides

WorkOS provides the ACS URL and SP Entity ID, which are readily available in your Connection Settings in the WorkOS Dashboard.

A screenshot showing where to find the ACS URL and SP Entity ID in the WorkOS Dashboard.

The ACS URL is the location an Identity Provider redirects its authentication response to. In Auth0’s case, the ACS URL needs to be set by the organization when configuring your application in their Auth0 instance.

The SP Entity ID is a URI used to identify the issuer of a SAML request and the audience of a SAML response. In this case, the SP Entity ID is used to communicate that WorkOS will be the party performing SAML requests to the organization’s Auth0 instance, and that WorkOS is the intended audience of the SAML responses from the Auth0 instance.

Specifically, the ACS URL will need to be set as the “Application Callback URL” on the SAML2 Web App Settings page found under the “Addons” tab in an Auth0 application. You will need to toggle on the SAML2 Web App for the settings modal to appear where you can add the ACS URL under the Application Callback URL input.

A screenshot showing a toggle to turn on the SAML2 web app addon for Auth0 applications.

A screenshot showing where to set the ACS URL in the SAML2 web app settings for Auth0 applications.

The SP Entity ID will need to be set as the “audience” value in the Settings JSON object on the SAML2 Web App Settings page.

After the Application Callback URL and Audience have been added, scroll to the bottom and click “Enable”.

A screenshot showing where to set the SP Entity ID in the SAML2 web app settings for Auth0 applications.

What you’ll need

In order to integrate you’ll need the Auth0 IdP Metadata URL.

Normally, this information will come from the organization’s IT Management team when they set up your application’s SAML 2.0 configuration in their Auth0 admin dashboard. Here’s how to obtain them:

1. Log In and Select Your Application

Log in to Auth0, go to the admin dashboard, select “Applications” in the sidebar, and then select the “Applications” menu option. Next, select your application from the list of applications.

A screenshot showing where to find the web application in Auth0 Dashboard.

2. Obtain Identity Provider Metadata

On the application’s Settings page, scroll down to the bottom and expand the “Advanced Settings” section. Select the “Endpoints” tab and copy the SAML Metadata URL. You’ll need this in the next step.

A screenshot of the IdP Metadata XML URL in the Auth0 Dashboard.

3. Upload Metadata URL

Finally, upload the SAML Metadata URL you saved earlier in your WorkOS Connection settings. Your Connection will then be linked and good to go!

A screenshot showing where to place the Auth0 IdP Metadata URL in the WorkOS Dashboard.