Receive a SAML token and redirect to a client application

One of our clients will authenticate their users internally into an intranet, and once the user is authenticated will send out a SAML token.

We want to know if there’s a way to set up Auth0 as the receptor of that SAML token, validate it, and call the login callback endpoint in our client application passing a JWT. Basically, use the SAML token as the user credentials.

What you describe sounds like an IDP-Initiated SSO scenario. You should read more about this in the following documentation page section: SAML Configuration

In summary, that would be achievable with the following general steps:

  1. You configure a SAML connection in accordance with the SAML assertion that will be sent by your client.
  2. You configure the previous connection to support IDP Initiated login; this would include specifying the client application to which the user would ultimately be redirected and also which authentication protocol should be used.
  3. You would ensure that your client IDP includes the connection parameter (with the name of the connection you configured) in the ACS (Assertion Consumer Service) URL; this would be the URL where your client would send the SAML token/assertion.

You should read the available documentation on SAML configuration for all the details.
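
As an added example (not part of the answer above and not Auth0 code), a pre-flight check you could run on a sample response exported from the client's IdP before wiring it to the connection: it confirms the response is unsolicited, that the ACS URL in `Destination` and `Recipient` carries the expected `connection` parameter from step 3, and that audience, expiry and assertion ID look sane. The tenant URL, connection name and audience are constructed placeholders, and signature verification is assumed to remain with the service provider.

```python
import xml.etree.ElementTree as ET
from datetime import datetime
from urllib.parse import urlsplit, parse_qs

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample of an unsolicited (IdP-initiated) response; all values are placeholders.
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_r1" Version="2.0"
    Destination="https://tenant.example.com/login/callback?connection=client-intranet">
  <saml:Assertion ID="_a1" Version="2.0">
    <saml:Subject><saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
      <saml:SubjectConfirmationData NotOnOrAfter="2030-01-01T00:05:00Z"
        Recipient="https://tenant.example.com/login/callback?connection=client-intranet"/>
    </saml:SubjectConfirmation></saml:Subject>
    <saml:Conditions NotOnOrAfter="2030-01-01T00:05:00Z">
      <saml:AudienceRestriction><saml:Audience>urn:example:sp</saml:Audience></saml:AudienceRestriction>
    </saml:Conditions>
  </saml:Assertion>
</samlp:Response>"""

def preflight(xml_text, connection, audience, now, seen_ids):
    """Return a list of problems; empty means the routing/freshness checks passed."""
    # Signature verification is NOT done here; assumption: the service provider does it.
    root = ET.fromstring(xml_text)
    problems = []
    if root.get("InResponseTo"):
        problems.append("InResponseTo present: not an IdP-initiated response")
    assertion = root.find("saml:Assertion", NS)
    if assertion is None:
        return problems + ["no assertion (or encrypted assertion)"]
    data = assertion.find(".//saml:SubjectConfirmationData", NS)
    for label, url in (("Destination", root.get("Destination")),
                       ("Recipient", data.get("Recipient") if data is not None else None)):
        names = parse_qs(urlsplit(url or "").query).get("connection", [])
        if names != [connection]:
            problems.append(f"{label} lacks connection={connection}")
    audiences = [a.text for a in assertion.iterfind(".//saml:Audience", NS)]
    if audience not in audiences:
        problems.append("audience mismatch")
    cond = assertion.find("saml:Conditions", NS)
    expiry = cond.get("NotOnOrAfter") if cond is not None else None
    if not expiry or now >= datetime.fromisoformat(expiry.replace("Z", "+00:00")):
        problems.append("assertion expired or has no NotOnOrAfter")
    if assertion.get("ID") in seen_ids:
        problems.append("assertion ID replayed")
    seen_ids.add(assertion.get("ID"))
    return problems
```

Because an IdP-initiated response has no `InResponseTo` to tie it to a request, the expiry window and the seen-ID set are the only replay limits this check exercises.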