App client with sso_integration

I’m trying to use auth0 as Idp for one of our partner.
They will use our users identities to authenticate their customer.
They will add a button like “Login with contonso” on their login page (not auth0) that will redirect to our login page.

I understand that I need to create an app_client for the integration.
I noticed there is a sso_integration type in the API. How to use this ?

I tried to create one client. It shows a “custom” SSO integration in the UI but fails to display any details. Is there a bug in the UI or am I missing some parameters ?

Hi @sylvain.conti.

Thanks for reaching out to the Auth0 Community!

The SSO integration you are referring to when creating an application, involves integrating SSO using external services like Dropbox and Zoom. This allows your users to log in using Auth0 identity providers listed here.

Here is an example of creating an application with an SSO integration:

{
  "name": "test-sso-app",
  "app_type": "spa",
  "addons": {
    "sso_integration": {
      "name": "Jenkins",
      "version": "2.0"
    }
  }
}

(Reference: Single Sign-On Integrations)

Please let me know if you have any questions.

Thanks,
Rueben

I understand that but there is a sso_integration type in the management API.
https://auth0.com/docs/api/management/v2/clients/post-clients

If I uses that instead of spa or regular_web.
The app appears in the SSO integration section in Admin UI.
However it seems broken.
image

Hi @sylvain.conti,

When you specify the "app_type": "sso_integration", you are essentially creating a custom SSO integration and not an application.

If you are creating an application, you should only select from the following:

  • SPA
  • Native
  • Regular Web App
  • M2M (non-interactive)

If you are configuring an SSO integration, please choose one of the options listed here:
https://marketplace.auth0.com/features/sso-integrations.

If you are not able to find the SSO integration you need, you could either build a custom one yourself or submit a feedback request asking to support that specific integration.

I hope this helps!

Thanks,
Rueben

you could either build a custom one

Can you point me to a documentation to do that.
If I try to create a custom one the Admin UI is broken. I see it as custom in SSO integration page, but I cannot access the details.

image
image

 {
    "name": "MyIntegration",
    "grant_types": [
        "refresh_token","authorization_code"
    ],
    "token_endpoint_auth_method": "none",
    "app_type": "sso_integration",
    "is_first_party": false,
    "oidc_conformant": true,

// I also tried with that
 "addons": {
        "sso_integration": {
            "name": "MyIntegraton",
            "version": "1.0"
        }
    }
...
}

Hi @sylvain.conti,

Thanks for the reply.

The error that you see happens because there isn’t an SSO integration named “MyIntegration”. If you would like to create a custom SSO integration, please refer to the third step outlined in this link.

For this scenario, there’s no need to create an SSO integration. Instead, you will need to create a regular web app, download the certificates, and share these credentials with your partner provider. For an example, please check out this documentation.

Thanks,
Rueben

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.