Auth0 Extension: Single Sign-On (SSO) Dashboard
The Single Sign-on (SSO) Dashboard extension allows you to create a dashboard with multiple enterprise applications that can be enabled for SSO for your users for login.
The SSO dashboard supports two types of users: Users- who will login to the dashboard to then select an application to sign into with SSO. Admins- can login to configure the applications that are visible to the users. This guide is intended for Dashboard Admins.
Create an application
Let's start with creating a new application. Navigate to Applications and click on the +Create Application button. Set a name and choose Single-Page Web Applications application type. Click on Create.
Click on the Settings tab and set the Allowed Callback URLs. This varies based on your location.
The login URL for Admins:
|Location||Allowed Callback URL|
The login URL for Users:
|Location||Allowed Callback URL|
Copy the Client ID value.
Navigate to Settings > Show Advanced Settings > OAuth and paste the Client ID value to the Allowed APPs / APIs field.
Set the JsonWebToken Signature Algorithm to RS256.
Save your changes.
By default all the connection types are enabled for users to be able to login into the SSO Dashboard. If you would like to change this, navigate to the Connections tab for the Application.
Install the extension
We are now ready to setup our new extension. But first, head back to your newly created Application and copy the Client ID value.
To install and configure this extension, click on the SSO Dashboard box in the list of provided extensions on the Extensions page of the dashboard. The Install Extension window will open.
Set the following configuration variables:
EXTENSION_CLIENT_ID: This is the Client ID of the application you have created in the Applications that you wish to use this extension with.
TITLE: This the custom title that will appear at the top of the SSO Dashboard page.
CUSTOM_CSS Optional: This field that can contain a link to custom CSS you can use to style the look of your SSO Dashboard page.
AUTH0_CUSTOM_DOMAIN Optional: If you have a custom domain name configured, enter it here (for example: login.example.com). This will change the authorization endpoint to https://login.example.com/login.
NOTE: Setting the
AUTH0_CUSTOM_DOMAINvariable does not affect the extension URL, it only changes the "authorization endpoint". When a custom domain is used, users that are logging into the extension will be navigated to
https://AUTH0_CUSTOM_DOMAIN/logininstead of the default
Once you have provided this information, click INSTALL.
If you navigate back to the Applications view, you will see that there has been an additional application created.
auth0-sso-dashboard application is created automatically when you install the extension. It's an application authorized to access the Management API and you shouldn't modify it.
Use the extension
Navigate to the Extensions page and click on the Installed Extensions tab.
Click on the row for the SSO Dashboard extension. The first time you click on your installed extension, you will be asked to grant it the required permissions.
Once you agree, you will be directed to your custom SSO Dashboard page, which will have the TITLE you provided at the top of the page, and if you provided a custom CSS file that styling will be applied.
To login into the dashboard:
For Admins use
https://YOUR_TENANT.<REGION>8.webtask.io/auth0-sso-dashboard/admins/login or through the Dashboard.
For Users use
Add a new application
To add a new application to your dashboard to be used for SSO, go to the Settings page of the dashboard by clicking on the link on the upper right corner of the page and click Settings from the dropdown.
Then click on the CREATE APP button to add a new application.
You will then need to enter the following fields for the new application:
- Type: This field is a dropdown where you select the either SAML, OpenID-Connect, or WS-Federation depending on the type of application.
- Application: This is the application name of the application you have created that you wish to associate the login of users.
- Name: The name of the new application you are adding.
- Logo: Enter the url of the logo you wish to user as an icon for the application.
- Callback: This is one of the Allowed Callback URLs under your Application Settings of the application.
- Connection Optional: Select the connection type from the dropdown. You can add/edit your available connection types in the Connections section of the Auth0 Management dashboard. If a connection is not set and the user is not logged, the user will see the Auth0 Login page.
- Enabled: Select this checkbox for this application to be visible (published) to your users.
Once completed click the CREATE button.
Your new application will then appear on the Applications page of the SSO dashboard with any other applications that have been created.
You can click on an application here to test the connection.
Update an existing application
To edit an existing application go to the Settings page of the dashboard by clicking on the link on the upper right corner of the page and click Settings from the dropdown.
You can change whether users can see the application (if it is enabled) with the Publish or Unpublish buttons.
You can delete an application with the X button, a confirmation box will popup to confirm the deletion.
To update an application's settings, click the gear icon.
Here you can change any of your application settings, or delete an application.