Auth0 Identity Provider

Connect ConfigCat with Auth0 via SAML.

Introduction

Each SSO Identity Provider requires specific information to configure a SAML integration. The following guide will walk you through on how you can connect ConfigCat with Auth0 as a SAML Identity Provider.

1. Create an Application in Auth0

Log in to Auth0, select Applications from the menu, then click Create Application.
Enter a descriptive Name, select Regular Web Applications, then click Create.
Select the Addons tab, and click SAML2.

The next step will guide you on how to collect the information required for the appearing configuration dialog.

2. Configure SAML for the Auth0 Application

Open your organization's authentication settings on the ConfigCat dashboard.
Click ADD SAML IDENTITY PROVIDER.
Give a name for your Identity Provider, and click Create.
From the next section of the dialog, copy the following values and paste them into the Auth0 configuration dialog.
- Entity ID -> "audience": "<entity-id>" in the configuration JSON below.
- Assertion Consumer Service -> Application Callback URL
- For Settings, use the following JSON value:
```
{
  "audience": "<paste-your-entity-id-here>",
  "signatureAlgorithm": "rsa-sha256",
  "nameIdentifierProbes": [
    "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
  ]
}
```
- Click on Save.

3. Configure ConfigCat with SAML Details from Auth0

You can choose one of the following options to configure ConfigCat with SAML Identity Provider metadata.

Metadata URL
Manual Configuration

Copy the URL of Identity Provide metadata.
Paste the copied value into the Metadata URL field at ConfigCat.
Select the trusted domains. Only user accounts from trusted domains can login with SAML SSO. You can bind multiple verified domains to a SAML Identity Provider.
Click on Save.

Copy the value of Identity Provider Login URL and download the Identity Provider Certificate, then paste them into the Configuration dialog at ConfigCat.
Select the trusted domains. Only user accounts from trusted domains can login with SAML SSO. You can bind multiple verified domains to a SAML Identity Provider.
Click on Save.

Go to the ConfigCat Log In page, and click COMPANY ACCOUNT - SAML.
Sign in with your company email address assigned to the Auth0 application.
ConfigCat will redirect you to Auth0's sign in page. Type your credentials, and click Continue.
You should be redirected to ConfigCat signed in with your company account.