Auth0 Home Blog Docs

Problem setting up SSO with Okta

sso
okta

#1

We are using an evaluation version of Auth0 to investigate if it can meet all of our SSO needs. We have followed the sample for creating a SAML connection with Okta. We have also used the simple ASP.NET web application as an example client that uses a simple database connection. The test connection to the SAML enterprise connector works successfully but each time it creates a new user and doesn’t match to a user that has been created from the database connection. Is there something I am missing here? Is it possible to test this with the features of the free plan as a Developer Pro?


#2

Starting from the bottom, during the trial period all the features are available for trialing purposes independent of the subscription. After the end of the trial some of the functionality may still be available, but can only be legally used if your subscription allows it.

Having said that, I don’t believe that the issue you describe has any relationship with the subscription (even though that some features mentioned imply that you will end-up subscribing to a non-free subscription).

You have to consider that each connection acts as an independent user directory so an enterprise connection will have users associated to it that are independent of the users associated with a database connection. When I say user I mean a user identity or in other words the same person (John Doe) can have a user identity in a database connection and another user identity in an enterprise connection and by default they are independent.

Through the means of account linking you can link two identities in a way that completing authentication with one or the other results in the same user profile, but that linking needs to be done explicitly. In conclusion, if you’re creating an end-user manually for a database connection it will always be independent of other users created by completing authentication through an enterprise connection (even if both users are the same person and have the same email address associated to each identity).


#3