I am looking into using Auth0 for my app.
My application handles multiple clients which all have their own data stores.
I am trying to allow each of them to use their own SAML IdP to log in to my app.
My question is rather simple, but I never used Auth0 so I would like to make sure I can address this use case:
- Is it possible to have this scenario in place with my app receiving info to distinguish which login goes to which app?
- Is it possible to access Auth0 Setup to add a Service Provider (SP) endpoint for a new customer programmatically?
Welcome to the Community!
There are probably other ways to do this but, assuming you are using Universal Login:
Each SAML IdP is configured with one or more DNS domains. When a user with an email address from one of the configured domains logs in, the domain is recognized and the user is redirected to their own IdP. More or less:
- User from foo.com goes to app.bsoulier.com,
- User is redirected to Universal Login,
- User enters their email address “email@example.com”,
- foo.com is associated with a SAML IdP configured in Auth0, so firstname.lastname@example.org is redirected to the IdP for authentication,
- After authentication, user is redirected back to app.bsoulier.com.
And this works for any number of SAML IdPs.
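The domain-based routing described above, sketched as an added example (not part of the original thread and not Auth0's implementation). Connection names, tenant ids and every domain except foo.com are constructed; `tenant_for_login` is a hypothetical app-side check that picks the client data store from the connection that authenticated the user rather than from the email string alone.

```python
# Constructed sample data: connection names, tenant ids and the bar domains are hypothetical.
CONNECTIONS = {
    "saml-foo": {"domains": {"foo.com"}, "tenant": "tenant-foo"},
    "saml-bar": {"domains": {"bar.example", "bar-corp.example"}, "tenant": "tenant-bar"},
}

def index_domains(connections):
    """Build domain -> connection name, refusing a domain claimed by two IdPs."""
    index = {}
    for name, conn in connections.items():
        for domain in conn["domains"]:
            domain = domain.lower()
            if domain in index:
                raise ValueError(f"{domain} is claimed by {index[domain]} and {name}")
            index[domain] = name
    return index

def email_domain(email):
    """Return the lower-cased domain, or None if the input is not local@domain."""
    local, sep, domain = email.strip().rpartition("@")
    if not sep or not local or not domain or "@" in local:
        return None
    return domain.lower().rstrip(".")

def connection_for_email(email, connections=CONNECTIONS):
    """Routing step: exact domain match only, so subdomains and
    look-alike suffixes of a configured domain get no IdP."""
    domain = email_domain(email)
    if domain is None:
        return None
    return index_domains(connections).get(domain)

def tenant_for_login(connection_name, email, connections=CONNECTIONS):
    """App-side step after the redirect back: select the data store from the
    connection, and reject an email whose domain that connection does not own."""
    conn = connections.get(connection_name)
    if conn is None:
        raise PermissionError("unknown connection")
    if email_domain(email) not in {d.lower() for d in conn["domains"]}:
        raise PermissionError("email domain not owned by this connection")
    return conn["tenant"]
```
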
Hello Mark, thanks for your reply!
That sounds great and seems to be the scenario I want to achieve.
- Is the endpoint you are mentioning set on the app? Where can I find it?
- I am trying to first validate my scenario with https://samltest.id/, but using it as an IdP to then go to my custom web app does not work; I keep on going back to the samltest app page (even if changing the destination in the addon); what am I missing?
I’m not sure where you are in the process. All your SAML providers will be set up under Connections -> Enterprise -> SAMLP Identity Provider. Each will have one or more unique domain names associated with it and you’ll need to enable all the connections for your app.
Also check out these videos / webinars. The first one uses ssocircle.com in the same way you are using samltest.id so should be particularly helpful.
Thanks a lot Mark for sharing that knowledge here during weekend!
Thank you so much for your help!
For other people who would like to set up SamlTest, I ended up using an Okta developer tenant, which is way easier and better documented from Auth0's point of view.
Going through the tutorial from A to Z helped me, as I just missed the proper SSO url on the IdP configuration.
Hey there @bsoulier!
Sorry to hear that. We would really appreciate if you can provide more context around where we exactly failed so we can improve that experience in the future! If you can send me a private message regarding that, it would be perfect!