My application handles multiple clients which all have their own data stores.
I am trying to allow each of them to use their own SAML IdP to log in to my app.
My question is rather simple, but I never used Auth0 so I would like to make sure I can address this use case:
Is it possible to have this scenario in place with my app receiving info to distinguish which login goes to which app?
Is it possible to access Auth0 Setup to add a Service Provider (SP) endpoint for a new customer programmatically?
There are probably other ways to do this but, assuming you are using Universal Login:
Each SAML IdP is configured with one or more DNS domains. When a user with an email address from one of the configured domains logs in, the domain is recognized and the user is redirected to their own IdP. More or less:
That sounds great and seems to be the scenario I want to achieve.
Is the endpoint you are mentioning set on the app? Where can I find it?
I am trying to first validate my scenario with https://samltest.id/, but using it as an IdP to then go to my custom web app does not work; I keep on going back to the samltest app page (even if changing the destination in the addon); what am I missing?
I’m not sure where you are in the process. All your SAML providers will be set up under Connections → Enterprise → SAMLP Identity Provider. Each will have one or more unique domain names associated with it and you’ll need to enable all the connections for your app.
Also check out these videos / webinars. The first one uses ssocircle.com in the same way you are using samltest.id so should be particularly helpful.
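As an added example (not code from this thread or from Auth0), the check below audits a set of SAML connection records for the two conditions named in the reply above: each domain belongs to exactly one connection, and every connection is enabled for the app. The record shape (`enabled_clients`, `options.domain_aliases`), the client ID placeholder, and all names and domains are assumptions constructed for the illustration.

```python
from collections import defaultdict

# Constructed sample records; the field names are an assumed shape
# (name, strategy, enabled_clients, options.domain_aliases).
APP_CLIENT_ID = "APP_CLIENT_ID_PLACEHOLDER"
CONNECTIONS = [
    {"name": "customer-a-saml", "strategy": "samlp",
     "enabled_clients": [APP_CLIENT_ID],
     "options": {"domain_aliases": ["customer-a.example", "a-corp.example"]}},
    {"name": "customer-b-saml", "strategy": "samlp",
     "enabled_clients": [],
     "options": {"domain_aliases": ["customer-b.example"]}},
    {"name": "customer-c-saml", "strategy": "samlp",
     "enabled_clients": [APP_CLIENT_ID],
     "options": {"domain_aliases": ["A-Corp.example"]}},
]


def audit_connections(connections, client_id):
    """Return (domain_map, findings) for the SAML connections."""
    owners = defaultdict(list)
    findings = []
    for conn in connections:
        if conn.get("strategy") != "samlp":
            continue
        domains = conn.get("options", {}).get("domain_aliases", [])
        if not domains:
            findings.append(f"{conn['name']}: no domain configured")
        if client_id not in conn.get("enabled_clients", []):
            findings.append(f"{conn['name']}: not enabled for the app")
        for d in domains:
            owners[d.strip().lower()].append(conn["name"])
    for domain, names in sorted(owners.items()):
        if len(names) > 1:  # ambiguous routing between two customers
            findings.append(f"{domain}: claimed by {', '.join(names)}")
    # Only unambiguous domains are usable for routing.
    domain_map = {d: n[0] for d, n in owners.items() if len(n) == 1}
    return domain_map, findings


def connection_for_email(email, domain_map):
    """Resolve an email address to its connection name, or None."""
    _, sep, domain = email.rpartition("@")
    return domain_map.get(domain.strip().lower()) if sep else None


if __name__ == "__main__":
    domain_map, findings = audit_connections(CONNECTIONS, APP_CLIENT_ID)
    for finding in findings:
        print("FINDING", finding)
```

Domains are compared case-insensitively, so `A-Corp.example` and `a-corp.example` are reported as one domain claimed by two connections and are left out of the routing map.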
For other people who would like to set up SamlTest, I ended up using an Okta developer tenant, which is way easier and better documented from Auth0's point of view.
Going through the tutorial from A to Z helped me, as I just missed the proper SSO URL on the IdP configuration.
Sorry to hear that. We would really appreciate it if you could provide more context around where exactly we failed so we can improve that experience in the future! If you can send me a private message regarding that, it would be perfect!