Configure Auth0 to Send Encrypted SAML Assertion with Custom Keys

Overview

This article describes how to configure Auth0 to send encrypted SAML assertions with custom keys.

Applies To

  • Auth0 as SAML IdP

Solution

There are two ways to customize the SAML configuration when Auth0 acts as the SAML IdP: the SAML addon and rules/actions.

Most SAML settings (e.g., the issuer, the destination, the signing algorithm) can be configured through either the SAML addon or actions.

However, custom keys for SAML assertion encryption can only be configured through rules/actions:

NOTE: The code snippet below is for demonstration purposes only. Adjust it for the desired use case and test it thoroughly before deploying it to the environment.

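exports.onExecutePostLogin = async (event, api) => {
  // Apply the custom encryption keys only to the targeted SAML application.
  if (event.client.client_id === 'CLIENT_ID_1') {
    // Placeholder for the service provider's certificate.
    api.samlResponse.setEncryptionCert('SAML_SP_CERT');
    // Placeholder for the service provider's public key.
    api.samlResponse.setEncryptionPublicKey('SAML_SP_PUB_KEY');
  }
};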