User_id with SAML Connection (Salesforce as IdP)

We created a setup where Salesforce is our Identity Provider and Auth0 is the Service Provider.
So if the user opens one of our apps, for login the user will be forwarded to Salesforce and redirected after the Salesforce login.

Now we want to add all users via the Management API. We set the user_id to a GID, which is also in Salesforce. So after user creation, the user_id is “auth0|{GID}”.
Now, we want the user to be identified via the GID. So in the managed app in Salesforce, we added a Custom Attribute user_gid that contains the GID.

In the mapping of the SAML connection, we did:
{
  "user_id": "user_gid"
}

When I try this within one of our apps, Auth0 automatically creates a new user with the user_id “samlp|SFQANEW|{GID}”; SFQANEW is the SAML connection.

But the one I created before is not used. Is there any way SAML can use the user we created via the Management API?

Thanks,

Marc

Hi @marc.porst,

Welcome to the Auth0 Community!

For connections where Auth0 is the service provider, user creation is delegated to the IdP. In this case, for a user to be created successfully, they must log in through Salesforce and are then created automatically within Auth0.

Hope this helps!


Hey @dan.woda,

Thanks for your help. So we decided to link the users created by the IdP and the user we created via the Management API.

Best,

Marc
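
The linking step described in the reply above, sketched as an added example that is not part of the thread or Auth0's own code: it builds (without sending) the Management API `POST /api/v2/users/{id}/identities` request that attaches the SAML-created user to the pre-created `auth0|{GID}` user, and refuses to link unless both carry the same GID from the expected connection. The tenant domain, token and GID values are placeholders, and the identity `user_id` format `{connection}|{GID}` is an assumption based on the `samlp|SFQANEW|{GID}` id shown in the question.

```python
import json
import urllib.parse
import urllib.request

# Assumed placeholders, not values from the thread.
TENANT = "tenant.example.com"
EXPECTED_CONNECTION = "SFQANEW"  # SAML connection name given in the thread


def split_saml_user_id(user_id):
    """Split 'samlp|<connection>|<subject>' into its three parts."""
    provider, _, rest = user_id.partition("|")
    connection, sep, subject = rest.partition("|")
    if provider != "samlp" or not sep or not connection or not subject:
        raise ValueError("not a SAML user_id: %r" % user_id)
    return provider, connection, subject


def build_link_request(primary_id, secondary_id, token, tenant=TENANT):
    """Return the request that links the SAML user into the auth0 user.

    primary_id   -- user created via the Management API, 'auth0|{GID}'
    secondary_id -- user auto-created at SAML login, 'samlp|SFQANEW|{GID}'
    """
    prefix, _, primary_gid = primary_id.partition("|")
    if prefix != "auth0" or not primary_gid:
        raise ValueError("primary must be an auth0|{GID} user")
    provider, connection, saml_gid = split_saml_user_id(secondary_id)
    # Link only on an exact GID match from the expected connection;
    # anything weaker would merge unrelated accounts into one profile.
    if connection != EXPECTED_CONNECTION:
        raise ValueError("unexpected connection: %r" % connection)
    if saml_gid != primary_gid:
        raise ValueError("GID mismatch, refusing to link")
    # The '|' in the primary id must be percent-encoded in the URL path.
    url = "https://%s/api/v2/users/%s/identities" % (
        tenant, urllib.parse.quote(primary_id, safe=""))
    # Assumption: the identity user_id is the part after the provider prefix.
    body = {"provider": provider, "user_id": "%s|%s" % (connection, saml_gid)}
    return urllib.request.Request(
        url,
        data=json.dumps(body).encode("utf-8"),
        method="POST",
        headers={"Authorization": "Bearer " + token,
                 "Content-Type": "application/json"},
    )
```

Sending the request needs a Management API token with the `update:users` scope; after a successful link the SAML login resolves to the primary `auth0|{GID}` profile.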
