If you’re a software-as-a-service (SaaS) application builder selling to large enterprise organizations, connecting your application to your customers' identity providers can be a complex process.
Enterprise customers expect your SaaS application to integrate seamlessly within their identity stack via protocols, supporting capabilities like single sign-on (SSO), automated user on and offboarding, and secure session controls.
SaaS builders who develop these capabilities in-house quickly discover that building and maintaining them is complex and resource-intensive. Enabling integrations for each and every customer can also be time-consuming and prone to human error without automation.
This is why we’re pleased to announce that Express Configuration with Okta is now Generally Available for Auth0 applications!
What is Express Configuration?
Express Configuration is a feature that automates how enterprise customers set up identity integrations for your Auth0 application. It covers the three core protocols enterprise buyers expect:
- OpenID Connect (OIDC) for single sign-on
- System for Cross-domain Identity Management (SCIM) for automated user on and offboarding
- Global Token Revocation (GTR) for centralized session management with Universal Logout
These protocols enable enterprise customers to more securely configure identity integrations with SaaS applications without the need to copy and paste protocol-specific configuration values.
Auth0 developers can enable Express Configuration by publishing their application to the Okta Integration Network (OIN) – the leading catalog of verified SaaS integrations trusted by 17,000+ enterprises. Once published, Okta administrators can use the Okta Admin Console to configure these integrations within their Okta organization.
How does it work?
Auth0 and Okta have introduced the Express Configuration API, which allows Auth0 applications published to the OIN to more securely permit selected customers to automatically configure an Okta connection – including OIDC, SCIM, and Universal Logout – within their Auth0 organization.
To use Express Configuration, an Okta administrator signs into the Okta portal and selects your application from the OIN. With a single click, they can initiate the automatic configuration of SSO (with Universal Logout), or SCIM-based user provisioning.
The Okta administrator then enters the credentials of a user in your application who is permitted to perform Express Configuration. In Auth0, this refers to a user who is a member of an organization and is authorized to perform Express Configuration using an organizational role or other authorization method.
Once consent is granted, Okta uses the Express Configuration API to automatically configure an Okta connection within the Auth0 organization to which the Okta administrator belongs. The Okta administrator may then assign users to the application instance and verify that SSO is active immediately.
What are the benefits?
Express Configuration provides these benefits to SaaS application developers (you) and the Okta administrators (your customers):
For SaaS application developers (you):
- Reach Okta customers at scale: Enable 15,000+ Okta customers to automatically configure and deploy your integration, increasing adoption and a more scalable ecosystem.
- Accelerate customer onboarding: Automate the setup of OIDC, SCIM, and Universal Logout within customer Auth0 organizations without manual credential exchanges or configuration steps.
- Reduce support and maintenance burden: Standardized, automated configuration workflows minimize human errors and cut down on customer troubleshooting.
- Secure by design: Leverages OAuth 2.0 consent flows to more securely share sensitive configuration data and reduce risk tied to credentials and setup errors.
For Okta administrators (your customers)
- Faster time-to-value: Deploy in minutes with a guided, automated flow and an intuitive interface that simplify configuration between Okta and Auth0. No manual setup required.
Express Configuration with Okta is included in all Auth0 subscriptions that permit the use of the Organizations feature for as many customers as you need.
How to get started
If you’re ready to make enterprise onboarding faster for your customers, start by exploring how to enable Express Configuration with Okta and publish your application to the OIN by reading our product documentation here:
Want to launch a B2B SaaS application quickly? Check out our SaaS reference application, SaaStart, to learn by example how Auth0 can help you onboard business customers and let them manage themselves.
SaaStart implements organizations and organizational roles required by Express Configuration, and provides hands-on experience on Inbound SCIM and other essential CIAM features. Learn about CIAM within the frame of a modern B2B SaaS application. You can quickly deploy a sample Auth0 template directly within the SaaStart repo or from our new integration in the Vercel marketplace.
Disclaimer: This article may contain hyperlinks to non-Okta websites that are created and maintained by third parties who are solely responsible for the content on such websites.