We have an application (SPA) that uses Auth0 with passwordless email for authentication. So basically, user presses a button to initiate login, enters his email, client code then uses auth0 library to perform passwordless email authentication, user receives email with otp, enters otp in the frontend and retrieves access token. Now, one of the tasks assigned to me is to make it such that this Auth0 application can also handle SAML SSO for our third party integrations. So what they want is that from our own application, we can redirect to a third-party and they will use our Auth0 application to automatically authenticate the user too. NOTE that the user was previously authenticated already with us through passwordless so expectation is when they arrive to the 3rd party website, they will also be authenticated there. Is this possible? I tried to create a POC third-party webapp with a SAML ACS URL but when I test the SAML from the Auth0 website, it keeps opening a browser tab where it asks me to input my username and password which I shouldn’t have. If this is not possible, and say we initiate another passwordless auth for the third party, how should the flow be?
Hi @john.soriao,
Welcome to the Auth0 Community!
Yes, it is possible to have a SAML Connection where an app can use the app with the passwordless connection for its identity. Here are some docs to help:
https://auth0.com/docs/authenticate/identity-providers/enterprise-identity-providers/saml
If you have any other questions, feel free to reach out.
Have a good one,
Vlad
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.