SAML Identity Provider Configuration
These are the parameters used to configure a SAML Identity Provider:
- The post-back URL (also called Assertion Consumer Service URL) is:
- The Entity ID of the Service Provider is:
connection.options.entityId || urn:auth0:YOUR_TENANT:YOUR_CONNECTION_NAME
- The SAML Request Binding (sent to the IdP from Auth0):
- The SAML Response Binding (how the SAML token is received by Auth0 from IdP):
- The NameID format:
- The SAML assertion, and the SAML response can be individually or simultaneously signed.
- The SingleLogout service URL, where the SAML Identity Provider will send logout requests and responses, is:
https://YOUR_AUTH0_DOMAIN/logout. Note: SAML logout requests must be signed by the Identity Provider.
If you want IdP-Initiated SSO, please make sure to include the
connection parameter in the post-back URL:
Some SAML Identity Providers can accept importing metadata directly with all the required information. You can access the metadata for your connection in Auth0 here: