Edit: To be clear, I am hoping that other Auth0 users have some experience / use cases here. Have you put Auth0 between a SaaS app (that supports SAML / OIDC / AD / etc.) and your enterprise directory, and if so, any specific reason you did so? To date I’ve gone the other way: if a SaaS app supports AD or G Suite login directly, I’ve done that, figuring there was “no point putting extra plumbing in the way”.
A bit of thinking out loud here:
Model: Organization that
- uses an Enterprise IAM service, like AD,
- uses 3rd party SaaS apps that support login solutions including AD, Auth0 / OIDC in general, SAML in general, etc.
I’m trying to figure out use cases where I would want to put Auth0 in between the SaaS app and, say, AD, rather than having the SaaS go straight to AD. We use Auth0 for all our customer facing apps b/c it makes adding authn & authz easy for our dev teams, which is great, but why would I add a middle… person, when the SaaS supports SAML / OIDC / AD directly?
I have vague notions of being able to use Rules for Wizardry but nothing concrete at the moment.