Migrate from Azure Access Control Service to Auth0
In this article, you'll learn how to migrate from Azure Access Control (ACS) to Auth0, and connect to a WS-Federation identity provider such as Azure Active Directory, Active Directory Federation Services, or IdentityServer.
Before you start
- WS-Federation identity provider connections in Auth0 return tokens in SAML2 format. If your ACS configuration uses WS-Federation protocol with JWT tokens, you'll need to update your applications when migrating to Auth0.
- Auth0 offers both cloud and on-premises deployments.
- Review the Getting Started documentation for an overview of Auth0.
Set up your account
Create a client
Add Auth0 to your identity provider
Next add Auth0 as a relying party to your identity provider using the following information:
- Realm Identifier:
- Return URL:
Create a WS-Federation connection
To create a connection between Auth0 and your identity provider, navigate to Dashboard > Connections > Enterprise. For WS-Federation identity providers, create a new ADFS connection and provide the following information:
- Connection Name: A descriptive name for the connection.
- Email Domains: (Optional) A comma-separated list of valid domains. Only needed if you want to use the Lock login widget.
Next, either enter your WS-Federation server URL in the ADFS URL field or upload a Federation Metadata file. If you set a WS-Federation server URL, Auth0 will retrieve the Federation Metadata endpoint and import the required parameters, certificates, and URLs.
After saving the new connection you'll see a list of your registered clients. Enable the connection for your client.
Update your application
Depending on your application and use case, you'll have to update your application to use Auth0 for authentication instead of ACS. There are several ways to integrate Auth0 with your application:
- Configure the Lock authentication widget.
- Use Auth0 SDKs such as Auth0.NET.
- Connect to the Authentication API.