How to override the callback url on the SAML2 Web App addon

James.Morrison · January 21, 2019, 11:41pm

Hey there @Mark, you can leverage the Application callback URL as described in our Auth0 SAML2 Web tutorial and direct the callback URL accordingly as seen below. However there’s a chance you are looking for something a little more expansive depending on the use-case. If that is indeed the case it would required some custom code as it’s not native functionality. Please let me know if you have any questions or feedback. Thanks in advance!

To enable the Addon from the Auth0 side, you will need to provide you Application Callback URL , which receives the SAML response, as well as the Settings for your setup. Within the Settings page, there is a sample object that you can use when determining which settings you want to enable:

{
// "audience":  "urn:foo",
// "recipient": "http://foo",
// "mappings": {
//   "user_id":     "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
//   "email":       "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
//   "name":        "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name",
//   "given_name":  "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname",
//   "family_name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname",
//   "upn":         "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn",
//   "groups":      "http://schemas.xmlsoap.org/claims/Group"
// },
// "createUpnClaim":       true,
// "passthroughClaimsWithNoMapping": true,
// "mapUnknownClaimsAsIs": false,
// "mapIdentities":        true,
// "signatureAlgorithm":   "rsa-sha1",
// "digestAlgorithm":      "sha1",
// "destination":          "http://foo",
// "lifetimeInSeconds":    3600,
// "signResponse":         false,
// "typedAttributes":      true,
// "includeAttributeNameFormat":  true,
// "nameIdentifierFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified",
// "nameIdentifierProbes": [
//   "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
//   "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
//   "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"
// ],
// "authnContextClassRef": "urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified",
// "logout": {
//   "callback": "http://foo/logout"
// }
}

Topic		Replies	Views
How to redirect a SAML 2 webapp to a localhost callback URL Get Help application , addons	2	22	April 15, 2025
AWS Auth0 SAML2 Single Sign on Get Help sso , aws	1	3141	February 12, 2020
Callback URL Different from http://{your_domain}/callback Get Help connections , oidc-enterprise-connection	1	698	January 4, 2024
SSO Design Scenarios and SAML Options Get Help	2	3218	September 4, 2019
Auth0 post request to /callback url Get Help connections , saml-enterprise-connection	1	875	December 21, 2023

How to override the callback url on the SAML2 Web App addon

Related topics