Silent Login with SAML connection

I have a B2B subscription with an enterprise SAML and email connection. I’m trying to implement a silent login where, if the user is already signed in with their enterprise SSO provider, they should get logged in even if they don’t have an active Auth0 session. Is this possible? I’ve tried using the authorize API with prompt = none and I’ve also tried specifying the connection name, but I always see the response login required, even for users who I know have signed into SSO.

Hi @mladenUST

Welcome to the Auth Community!

It appears that you are talking about IdP Initiated SSO.

However, IdP Initiated SSO flows can carry security risks such as Login CSRF Attacks. You can read more about that in the documentation provided above.

If you have any other questions, feel free to let me know!

Kind Regards,
Nik

Hi @nik.baleca thanks for the reply.

Would IDP initiated SSO work in the scenario where the user goes directly to my app and not through some sso portal?

Do you know of any examples I can use as a reference? I can’t really find anything.

Thanks,
Mladen

Hi again,

Usually, an IdP Initiated flow would be executed through a dashboard/portal/login button; however, you can configure Silent Authentication for your application in order to pass in the specific connection to an /authorize or /login endpoint whenever a user reaches the website.

Unfortunately, there are no examples or sample applications provided for specific applications. There is a sample app available on GitHub: auth0-samples/auth0-aspnet-saml-idp-initiated.

If I can help with anything else, let me know!

Kind Regards,
Nik
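
An added example, not part of the thread or of any Auth0 sample: one way an app could try /authorize with prompt=none and the connection name, then fall back to an interactive redirect to the same SAML connection when the answer is login_required. The state check binds each response to a request the app itself started, which is the protection against the Login CSRF risk mentioned above. The tenant domain, client ID, callback URL, connection name and session object are constructed placeholders.

```javascript
// Added example. Tenant domain, client ID, callback URL and connection name are constructed placeholders.
const webcrypto = globalThis.crypto ?? require("node:crypto").webcrypto;

const CONFIG = {
  domain: "tenant.example.auth0.com",
  clientId: "CLIENT_ID_PLACEHOLDER",
  redirectUri: "https://app.example.com/callback",
  connection: "enterprise-saml", // hypothetical connection name
};

const randomToken = () =>
  Array.from(webcrypto.getRandomValues(new Uint8Array(16)), (b) => b.toString(16).padStart(2, "0")).join("");

// Start an authorization request and remember its state/nonce in the caller's session store.
function startLogin(cfg, session, silent) {
  session.state = randomToken();
  session.nonce = randomToken();
  session.silent = silent;
  const params = new URLSearchParams({
    response_type: "code",
    client_id: cfg.clientId,
    redirect_uri: cfg.redirectUri,
    scope: "openid profile email",
    connection: cfg.connection, // go straight to the SAML connection, no login page
    state: session.state,
    nonce: session.nonce,
  });
  if (silent) params.set("prompt", "none"); // succeeds only with an existing Auth0 session
  return `https://${cfg.domain}/authorize?${params}`;
}

// Decide what to do with the redirect that comes back to the callback URL.
function handleCallback(cfg, session, callbackUrl) {
  const q = new URL(callbackUrl).searchParams;
  const expected = session.state;
  const wasSilent = session.silent;
  session.state = null; // a state value is accepted once only
  if (!expected || q.get("state") !== expected) return { action: "reject", reason: "state mismatch" };
  if (q.get("code")) return { action: "exchange", code: q.get("code") };
  const retryable = ["login_required", "interaction_required"].includes(q.get("error"));
  if (wasSilent && retryable) {
    // No Auth0 session: retry interactively. A live session at the SAML IdP may let it answer without a prompt.
    return { action: "redirect", url: startLogin(cfg, session, false) };
  }
  return { action: "error", error: q.get("error") || "unknown" };
}
```

The `exchange` result still has to be redeemed at the token endpoint, and the nonce compared with the one in the returned ID token, before the user is treated as signed in.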
