Overview
The enterprise identity provider used by the Dashboard admins to log into the Auth0 Dashboard using SSO must be updated (Enterprise subscriptions).
Applies To
- Enterprise subscriptions
- Enterprise identity provider
- SSO
Solution
An update on the identity provider (IdP) for the Dashboard SSO connection can be requested via a Support ticket.
If the current connection is using the SAML protocol and the new identity provider will continue to use this protocol, there are two options to make this change:
- Create a new SSO connection with the new IdP. The process will be the same as setting up Dashboard SSO for the first time, and a new connection name will be provided. The admins will need to be re-invited to all the tenants using the new SSO identity. The previous connection will not be deactivated until the migration process is completed.
- Updating the current SSO connection. Using SAML, only the metadata XML file/URL should be updated, and the change is transparent. The admins can keep using their current SSO identities. The only requirement is that the new IdP send the same Name Identifier/Email Address for each user.
If the previous or new IdP uses an OIDC protocol, the only option is to create a new connection and re-invite the admins (option 1).
For the second option, in addition to the SAML metadata XML file (or URL), it is also necessary to provide a proposed date and time to make the change when the requester is available to confirm if everything works correctly once the update is completed and avoid any access disruptions for the tenant admins.
The configuration data for the different identity providers can be found in the following documentation: