メインコンテンツへスキップ
Zenovaydocs
4分で読めます

Auth0 SSO Setup

This guide walks you through configuring Auth0 as your identity provider for Zenovay Single Sign-On.

SSO requires a Scale or Enterprise plan and Owner or Admin permissions in Zenovay, plus admin access to the Auth0 Dashboard.

SAML 2.0 Setup with Auth0

Step 1: Create an Application in Auth0

  1. Sign in to the Auth0 Dashboard
  2. Go to Applications > Applications
  3. Click Create Application
  4. Enter a name (e.g., "Zenovay") and select Regular Web Applications
  5. Click Create

Step 2: Enable the SAML2 Web App Addon

  1. On the application page, go to the Addons tab
  2. Enable the SAML2 Web App toggle
  3. In the Settings tab of the addon configuration:

Under Application Callback URL, enter:

https://auth.zenovay.com/api/sso/saml/callback

In the Settings JSON block, enter:

{
  "audience": "https://auth.zenovay.com",
  "nameIdentifierFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
  "nameIdentifierProbes": ["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"]
}
  1. Click Enable or Save

Step 3: Get IdP Values from Auth0

  1. Still in the SAML2 addon, click the Usage tab
  2. Note the following values:
    • Issuer: this is your IdP Entity ID (e.g., urn:dev-xxxxx.us.auth0.com)
    • Identity Provider Login URL: this is your SSO URL
  3. Download the Identity Provider Certificate (click the download link)

The Issuer (Entity ID) is not the same as the certificate fingerprint. Make sure to use the urn: value shown on the Usage tab, not the SHA-1 fingerprint.

Step 4: Assign Users

Auth0 applications are available to all users in your Auth0 tenant by default. To restrict access:

  1. Go to Applications > your application > Connections tab
  2. Enable only the connections (databases, social, enterprise) that should access Zenovay

Step 5: Configure Zenovay

  1. In Zenovay, go to Settings > Authentication > SSO
  2. Click Add SSO Provider
  3. Select SAML 2.0
  4. Enter:
    • Name: e.g., "Auth0"
    • Entity ID: the Issuer from Step 3 (e.g., urn:dev-xxxxx.us.auth0.com)
    • SSO URL: the Identity Provider Login URL from Step 3
    • Certificate: paste the contents of the downloaded certificate
  5. Click Save
  6. Add and verify your email domain

Step 6: Test

  1. Open an incognito window
  2. Go to auth.zenovay.com
  3. Enter an email from your verified domain
  4. You should be redirected to Auth0's login page
  5. Sign in with your credentials
  6. You should be redirected back to the Zenovay dashboard

Troubleshooting

  • Entity ID confusion: For SAML, the Entity ID (Issuer) looks like urn:dev-xxxxx.us.auth0.com, not the certificate fingerprint or Auth0 domain
  • Callback URL mismatch: Ensure the callback URL matches exactly — https://auth.zenovay.com/api/sso/saml/callback for SAML or https://auth.zenovay.com/api/sso/oauth/callback for OIDC
  • User not found: Check that the user exists in your Auth0 tenant and is allowed to access the application via the Connections tab
  • Issuer URL format: For OIDC, include the trailing slash in the issuer URL

For more help, see the SSO Troubleshooting Guide.

このページは役に立ちましたか?