SSO from one service using Auth0 to another


Let me start by saying I am no expert in SSO.
What I will be faced with trying to do is “connecting” two separate services (my service and a partner’s site – both using Auth0) with SSO.
Specifically, if an user is logged in on the partner’s website through Auth0, I would like to provide SSO on my site, so they can seamlessly use my services.

Where do I start?
Could someone point me to relevant docs and examples?

I have of course searched the docs, but there is so much info, so many different terms that it’s difficult to cut through to what I am actually after.
Thank you.

Although you say that both services are using Auth0 it’s important to assert what does that exactly mean at the Auth0 tenant/domain level. In other words, both service can be said to use Auth0, but they can either use the same tenant/domain or each use their own tenant/domain even though both tenant/domains are Auth0.

Given that you mention it’s a partner service I’m assuming it’s different tenant/domains so in order for an end-user to login in your service using credentials/session that they already have in the partner service your tenant/domain would need to establish a relationship (connection in the Auth0 case) to the other tenant/domain.

This connection could either be:

  • a custom OAuth 2.0 social connection
  • an enterprise SAML connection
  • an enterprise OIDC connection

Technically there could be other options even, but the above would be the most common. Each would have different degree of configuration requirements steps and it’s also important to note that there would be a pricing different between the first option and the other two. Once a connection is selected you would need to refer to documentation like: