How to Set Up Single Sign-On (SSO) for Auth0
This guide provides detailed instructions on how to set up a custom SAML application in Auth0 for integration with Aptible.
Prerequisites
- An active Auth0 account
- Administrative access to the Auth0 dashboard
- Aptible Account Owner access to enable and configure SAML settings
Creating Your Auth0 SAML Application
Accessing the Applications Dashboard
Log into your Auth0 dashboard. Navigate to Applications using the left navigation menu and click Create Application. Enter a name for your application (we suggest “Aptible”), select Regular Web Applications, and click Create.
Enabling SAML2 WEB APP
Select the Addons tab and enable the SAML2 WEB APP add-on by toggling it on. Navigate to the Usage tab and download the Identity Provider Metadata or copy the link to it. Close this window—It will toggle back to off, which is expected. We will activate it later.
Enable SAML Integration
Log into your Aptible dashboard as an Account Owner. Navigate to Settings and select Single Sign-On. Copy the following information; you will need it later:
- Single Sign-On URL (Assertion Consumer Service [ACS] URL):
https://auth.aptible.com/organizations/xxxxx-xxx-xxxx-xxxx-xxxxxxxxxxxx/saml/consume
Upload Identity Provider Metadata
On the same screen, locate the option for Metadata URL. Copy the content of the metadata file you downloaded from Auth0 into Metadata File XML Content, or copy the link to the file into the Metadata URL field. Click Save. After the information has been successfully saved, copy the newly provided information:
- Shortcut SSO login URL:
https://app.aptible.com/sso/xxxxx-xxx-xxxx-xxxx-xxxxxxxxxxxx
Configuring SAML2 in Auth0
Return to the Auth0 SAML Application. In the Application under Settings, configure the following:
- Application Login URI:
https://app.aptible.com/sso/xxxxx-xxx-xxxx-xxxx-xxxxxxxxxxxx(this is the Aptible value of Shortcut SSO login URL). - Allowed Callback URLs:
https://auth.aptible.com/organizations/xxxxx-xxx-xxxx-xxxx-xxxxxxxxxxxx/saml/consume(this is the Aptible value of Single Sign-On URL - Assertion Consumer Service [ACS] URL). - Scroll down to Advanced Settings -> Grant Types. Select the grant type appropriate for your Auth0 configuration. Save the changes. Re-enable the SAML2 WEB APP add-on by toggling it on. Switch to the Settings tab. Copy the following into the Settings space (ensure that nothing else remains there):
{
"nameIdentifierProbes": [
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
]
}
Finalize the Setup
Click on Debug — Ensure the opened page indicates “It works.” Close this page, scroll down and select Enable.
- Ensure that the correct users have access to your app (specific to your setup). Save the changes.
Attribute Mapping
No additional attribute mapping is required for the integration to function.
Testing the Login
Open a new incognito browser window. Open the link Aptible provided as Shortcut SSO login URL. Ensure that you will be able to login.
Was this page helpful?