Hi!
I’m working on a web platform that uses Auth0 for authentication.
We’re trying to set up a SAML connection between Auth0 and CyberArk where CyberArk is the identity provider and Auth0 is the service provider.
This should allow users from a different company that uses CyberArk to log in to our platform.
I tried to follow the link below from the docs, but can’t get the connection working.
I’m mainly confused about what to put in the CyberArk side.
It allows me to either upload a metadata XML file (which I can’t seem to find in Auth0) or provide the values manually, which I currently filled in like this:
- SP entity ID / issuer / audience: urn:auth0:< tenant >:< connection>
- Assertion consumer service (ACS) URL: https://< tenant >.eu.auth0.com/p/samlp/< string >
- Recipient: checked “same as ACS URL”
- Sign response or assertion: selected “Response”
- NameId format: selected “unspecified”
- Single logout URL: blank
- Encrypt SAML response assertion: not checked
Screenshot for some more context:
Now when we click the SSO-button on the other platform, the user ends up on the ACS URL, and sees some kind of certificate on the screen.
When I put the ACS URL in my browser directly, I don’t see the certificate but I’m redirected to the SAML Identity Provider Configuration Settings documentation instead, so I’m guessing some authorization does happen when clicking the SSO link?
I don’t see the IdP user in the Auth0 users list though, while I was expecting this user to automatically be created on the SP side?
There’s a lot of documentation on using Auth0 as IdP, but on setting it up as SP there’s not a lot of information, it seems. So does anyone know which values I need to use to get it working?
Kind regards