Hi,
I want to initiate an IdP-initiated login using Auth0 via the backend, so the user does not have to enter an email and password and can land directly on the service provider without entering anything, with all authorization validation handled by the backend using the saved email and password in the database. Is it possible using Auth0 as the IdP?
Did you review this page? Identity-Provider-Initiated Single Sign-On
This is just the starting point, and what you actually do depends on SAML vs OIDC etc., but this is a good starting page.
Yeah, I have read it, but I did not understand a bit of how this can help me. I had implemented OneLogin SSO earlier. OneLogin has an API to get a user session, through which the user can seamlessly visit the service provider without entering an email and password.
I was expecting a similar kind of thing. Is there any way around this using Auth0? How can I achieve this? Please guide me.
Thanks in advance.
I guess this needs a lot more detail.
IDP Initiated
IDP initiated means you go to a common dashboard for your IDP and click a button to log in to your app. Do you have such a dashboard set up? Or did you want to use Auth0 to make that kind of dashboard for you? Our IDP provider offers a dashboard where we can add apps.
Using Auth0 as IDP is one of the configurations, which is distinct from using Auth0 as SP.
I do not have experience using Auth0 as IDP with SSO.
However this is an example doc of how to use Auth0 as SAML based IDP: Configure Auth0 as SAML Identity Provider
I am not seeing anything in the Auth0 docs that says ‘setup Auth0 itself as IDP for IDP initiated login’.
Using Auth0 as IDP means you want a connection setup such as:
- username-password connection
- enterprise connection > SAML or OIDC etc
depending on what you need.
Read on if the below is of interest to you.
SP Initiated: users start from your app
We are doing this for using Auth0 as SP (not IDP, since we have external IDPs):
- Using Auth0 as SP: Configure Auth0 as SAML Service Provider
- Using other IDPs, connecting them in Auth0 using Enterprise connections (e.g., SAML)
- Used Universal Login (new or classic are your choices)
- Users now start from our app, enter their email, and get taken to the SSO flow (depending on whether their domain is set up in the Home Realm Discovery of the Enterprise connection setup for that SSO provider/IDP). The login widget is smart enough (we use auth0-react) to determine that SSO is enabled, so it automatically switches to SSO mode once it detects the domain.
I am sure there are other more experienced folks from Auth0 who can help you here with setting up Auth0 as IDP.