How to Implement Single Sign On

Single Sign On Authentication provides your users with a seamless authentication experience when they navigate either through the applications you have built and/or third party apps. Once your users log in to one of these applications, they won’t have to enter their credentials again when accessing another one. Don’t make your internal employees or your external users go through the hassle of maintaining and remembering yet another credential.

Single Sign On works by having a central server, which all the applications trust. When you log in for the first time, a cookie gets created on this central server. Then, whenever you try to access a second application, you get redirected to the central server. If you already have a cookie there, you will get redirected directly to the app with a token without login prompts. Which means you’re already logged in.

For example, Google implements Single Sign On in its services. Google’s central server is https://accounts.google.com. Once you are logged in this server, you will be able to access Gmail, Youtube, and Google Docs without entering your credentials again.

Imagine having the same experience but with your own Enterprise and/or Cloud applications!

When you want to add a new Single Sign-On integration, you can do so in the Auth0 Dashboard. Following these steps:

1. In the management dashboard, click Applications / SSO Integrations.
2. On the Single Sign-On Integrations page. Click the Create SSO button.
3. On the New Single Sign-On Integration page. Scroll and click which application you want to use for Single Sign-On.
4. To accept the permissions that the application requires, click Continue.
5. Follow the Setup Guide that pops on the screen.

Enabling Single Sign-On means that if the user is already logged in through Auth0, the Identity Provider (for example, Facebook) login dialog won’t be prompted again, and he will be automatically logged in to the specified application.

You can enable Single Sign On for your corporate applications like Salesforce, Dropbox, Slack, and more! With Auth0, this is just a few clicks away. Auth0 provides out-of-the-box support for more than 15 cloud applications.

These applications are: Box, CloudBees, Concur, Dropbox, Egnyte, New Relic, Office 365, Salesforce, Sharepoint, Slack, Springcm, Zendesk, and Zoom.

What if your application is not in the list of our pre-integrated apps? No problem! We also support the main industry standards such as SAML, WS-Fed, and OAuth 2.0 so you can hook any third-party application you need.

If you need further customization, you can use Auth0’s Actions. Actions are JavaScript functions that run in Auth0 and empower you to control and customize key events in the authentication and authorization pipeline. We know that every case is completely different!

See the Actions documentation for more information.

We’re HIPAA and SOC2 compliant, which assures you that we comply with all best practices of identity management.If you require an extra layer of security, you can turn on advanced policies like multi-factor authentication, password policies, brute force protection, and much more with just one click!