Double login when using SAML in my app

I have a web application that has an embedded dashboard (which is provided by a 3rd party). This service is the SP that initiates the SAML authentication.
When I log into my application and visit the embedded dashboard page I am redirected to the login page again. This second login signs me into the service.
I noticed that on the initial login, the login page has a custom URL, but when redirected to log into the service, the login page has the default Auth0 URL.
Is this a red herring? Or could this be the source of the issue?
If it is an issue, how do I change the Identity Provider Login URL through the Auth0 dashboard?

To summarise what the issue is:

  • I log into my application via the Auth0 universal login page (custom domain)
  • I visit the page with the embedded 3rd party service
  • The page redirects to the Auth0 universal login page again (default domain)
  • I log in
  • Then I have access to the application and the page with the embedded service.

Why is the second login necessary?

Hi @andrew.trigg,

Is the embedded service a separate application? If so, then it’s expected that another authentication will be necessary (although it could happen silently using the existing SSO session).

For the different domains, is the embedded page configured to point to the default “auth0 domain” or the custom domain?

Feel free to share some code if you need to. (Obscure sensitive data, please.)

Thanks,
Dan


Thanks Dan. I actually resolved the issue by using the Custom domain in the SAML assertion. I couldn’t change it directly in the UI or in the downloaded SAML metadata file (I think it invalidated the token) but I could get the URL for the SAML metadata, change the domain in that URL, and download the metadata file from there.
This seems to be working now.

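A check for the domain mismatch discussed in this thread, as an added example that is not part of the original posts and is not Auth0's code: it lists every IdP endpoint in a SAML metadata document whose host differs from the domain users log in on, since a browser does not send a session cookie set on one hostname to another. The metadata, hostnames, paths and the function name `endpoints_off_domain` are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"

# Constructed sample: one SSO endpoint still points at a default tenant
# hostname while the other endpoints use the custom login domain.
SAMPLE_METADATA = """<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="urn:tenant.example.net">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://login.example.com/saml/logout"/>
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://tenant.example.net/saml/sso"/>
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://login.example.com/saml/sso"/>
  </IDPSSODescriptor>
</EntityDescriptor>"""


def endpoints_off_domain(metadata_xml, expected_host):
    """Return (element, binding, location) for each IdP endpoint that is not
    served over https from expected_host."""
    # Metadata has no need for a DTD; refusing one avoids entity expansion.
    if "<!DOCTYPE" in metadata_xml:
        raise ValueError("DOCTYPE not allowed in SAML metadata")
    root = ET.fromstring(metadata_xml)
    findings = []
    for idp in root.iter(f"{{{MD_NS}}}IDPSSODescriptor"):
        for el in idp:
            location = el.get("Location")
            if location is None:  # e.g. KeyDescriptor, NameIDFormat
                continue
            parts = urlsplit(location)
            host = (parts.hostname or "").lower()
            if parts.scheme != "https" or host != expected_host.lower():
                name = el.tag.split("}")[1]
                binding = el.get("Binding", "").rsplit(":", 1)[-1]
                findings.append((name, binding, location))
    return findings


if __name__ == "__main__":
    for name, binding, location in endpoints_off_domain(
            SAMPLE_METADATA, "login.example.com"):
        print(f"{name} ({binding}) points at a different host: {location}")
```

Running it against the metadata file actually loaded into the SP shows which endpoints would send the browser to a hostname where no SSO session exists.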

Thanks for the update, glad you got it working.
