Sharing a single application between different services

luke.mondy · January 13, 2022, 12:42am

Hello,

We have a bunch of different 3rd party services that are linked directly to our AzureAD for SSO. We’d like to move these services to use Auth0 instead.

We have the AzureAD setup in Auth0, and it works great. The question is: should we make an application for each individual 3rd party service, or can we make a single application, and use the same client ID (etc.) for all the services.

While I have a feeling that the former is the correct way to do it (and I’d be satisfied with that as answer), but I’m curious about the drawbacks of the latter approach - what security or administration risks would be involved, etc.?

Thanks!
Luke

sgo · January 13, 2022, 5:49pm

Hi @luke.mondy , welcome to the community!

I’d recommend creating a separate application for each 3rd party, this would give you greater control over managing what each party can do and make it easier to further extend flows with Rules or Actions that are different for each.

Especially so if you are using a flow that requires the 3rd party to know your client secret in order to authenticate; as if one party leaks that secret, it has compromised the others if they share the same application/client.

You may find this documentation useful too:

First-Party and Third-Party Applications

Topic		Replies	Views
Single AAD Connection to be used my multiple clients Archived	4	2297	December 21, 2020
SSO and Auth0's application Get Help sso , application	4	112	September 9, 2024
Providing 3rd party integrations within a Multi-tenant environment using applications Archived	5	3478	March 27, 2020
Switching between apps Auth0 Archived	2	3663	August 30, 2019
Single Auth0, multi-tenant with 3rd party applications Get Help multi-tenant	5	3152	June 8, 2021

Sharing a single application between different services

Related topics