Problem statement
The guide Configure Single Sign-on for Auth0 Dashboard explains a series of steps to configure SSO for Auth0 Dashboard using Okta (SAML), but is it possible to use Okta (OIDC)?
Are there any downsides to using OIDC instead of SAML?
Solution
Configuring SSO for Auth0 Dashboard using Okta (OIDC) is possible.
OIDC
- Pros: No need to do certificate rollovers when they expire.
- Cons: It is impossible to move to a different IdP transparently in the future. Changing IdPs is possible, but re-inviting tenant members would be needed, at least for the time being.