For a user signed into application A I would like to allow seamless login to application B which is configured with Auth0 as the identity provider for the SAML connection.
In order to avoid prompting the login screen, the connection parameter must be included on the SAML URL. However, I do not see anywhere in the token/user information for application A where the connection name of the signed in user is included.
Would the proper approach here be to use the management API to get the user information for the just signed in user in application A such that the connection name can be retrieved from the identities and used to create the SAML sign in URL?
You can add the connection name/id as custom claims to the access and/or ID token with a Post-Login Action. You’ll definitely want to test this in your own environment, but the code might look something like the following:
```javascript
exports.onExecutePostLogin = async (event, api) => {
  // Check if the connection details are available in the event object
  if (event.connection && event.connection.name && event.connection.id) {
    const connectionName = event.connection.name;
    const connectionId = event.connection.id;

    // Add custom claims to the ID Token
    api.idToken.setCustomClaim("https://example.com/connection_name", connectionName);
    api.idToken.setCustomClaim("https://example.com/connection_id", connectionId);

    // Add custom claims to the Access Token
    api.accessToken.setCustomClaim("https://example.com/connection_name", connectionName);
    api.accessToken.setCustomClaim("https://example.com/connection_id", connectionId);
  }
};
```