Auth0 and Palo Alto Global Protect

SP2020 · November 3, 2020, 2:09pm

Hi,
Quite new to SAML and Auth0 and trying to integrate Auth0 as SAML IdP with Palo Alto Global Protect
and having 2 issues:

the Authentication the Global Protect Portal works fine but the User ID being passed is in a format auth0|349423438493248932 which doesnt work as we use Username or Email Address as the identifier so how can I change this in Auth0?
the second part of the authentication to the global protect gateway fails and in the global prtect logs i see invalid gateway credentials auth0|349423438493248932 but i also see the username change to auth0%7c349423438493248932

can anyone help on how to change point 1 and why point 2 is failing? i have specified both URL’s created the SP (Firewall) into the Callback URLs within the application settings but cant figure out what is causing the failure.

Thanks

joseantonio.rey · November 19, 2020, 3:16am

Hello, @SP2020! Welcome to the Auth0 Community.

You can find a sample rule here, which tells you how to set the NameID claim: Customize SAML Assertions

You should configure it to your liking.

As for #2, this is because your system is URLEncoding the value.

Let me know if this helps.

Topic		Replies	Views
Auth0 and Palo Alto Networks integration Help connections , free-trial	0	16	September 20, 2024
Palo Alto GlobalProtect and a on-premises Clientless VPN APP with SSO Help sessions , authentication-sessions	9	2910	March 7, 2024
Auth0 as SAML Identity Provider Help user-management , user-password-management	4	897	May 17, 2023
Auth0 as SAML identity provider - how change NameID that auth0 provides to avoid pipe character? Help identifier-first , login-experience	1	1128	September 22, 2023
Adding custom SAML attribute when auth0 is IdP Help saml2	2	4933	January 26, 2022

Auth0 and Palo Alto Global Protect

Related Topics