Auth0
Overview
This document describes the procedure to configure your organization's Auth0 application within the AdminX portal to use it as a passwordless authentication solution for your organization's Auth0 users. This integration will allow your users to log in to their Auth0 account leveraging their biometrics. The biometric options include Touch ID / Face ID and LiveID.
Before you Begin
You will need the following resources and privileges to complete this integration:
- Administrator access to the following:
  - AdminX portal: If your organization is not registered with the AdminX portal, visit the Sign Up page for your organization’s AdminX portal registration. The 1Kosmos representative will create an account for your respective organization within the AdminX portal.
  - Auth0 instance. Visit the Auth0 site for Auth0 registration.
- Install on your mobile device:
  - BlockID mobile application (Compatible with iOS and Android devices). Visit the BlockID for Android or BlockID for iOS to download the application.
Assumptions
- With the above prerequisites, you should now be registered and able to log in to:
  - AdminX portal
  - Your organization's Auth0 account with Admin access.
- Installed and registered the BlockID mobile application.
  - Launch the BlockID mobile application and follow the on-screen instructions to register your app with the BlockID Platform to enroll your biometrics.
  - Visit the Enroll Biometrics (Touch ID / Face ID and LiveID) section of the BlockID mobile application User Guide for a step-by-step understanding of the Biometrics Enrollment process within the BlockID mobile application.
Perform the following tasks to enable this integration:
- Auth0 configurations
- AdminX portal configurations
Auth0 configurations
These configurations need to be performed before integrating your Auth0 application into the AdminX portal.
The following steps will be performed by your Auth0 administrator.
- Log in to your Auth0 site.
- From the left pane, click Applications.
- From the Applications screen, click on the appropriate application name that you will add to the AdminX portal for SAML 2.0 integration.
- In the selected application screen, click on the Settings tab.
- Copy and save your Auth0 Domain URL, Client ID, and Client Secret key to use while performing Auth0 integration in the AdminX portal.
- Navigate to Applications > Applications and click on your SAML 2.0 integrated application name.
- Scroll down to the Application Properties section and ensure that the Regular Web Application option is selected from the Application Type list.
- Scroll down to the Advanced Settings section, expand this section and click on the Grant Types tab. Ensure that the Client Credentials check box is selected.
- Click Save Changes.
- Navigate to the Applications > APIs > Auth0 Management API > Machine to Machine Applications.
- Click on the Enable option for your SAML 2.0 enabled application. For example, Default App. The Authorized option is displayed with the enabled option.
- In the Permissions section, search for the create:connections permission, select the check box for it, and click Update.
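One way to verify the settings above from exported configuration rather than by eye in the dashboard, as an added example that is not 1Kosmos or Auth0 code. It assumes the application object (`GET /api/v2/clients/{id}`) and the client grants (`GET /api/v2/client-grants`) have already been fetched from the Auth0 Management API as JSON; the tenant domain, IDs, sample data and the `audit_integration` name are constructed for illustration.

```python
import json

REQUIRED_SCOPES = {"create:connections"}  # the only permission the steps above grant

# Constructed sample data (placeholders, not from a real tenant), shaped like
# GET /api/v2/clients/{id} and GET /api/v2/client-grants responses.
SAMPLE_CLIENT = json.loads("""{
  "client_id": "EXAMPLE_CLIENT_ID", "name": "Default App",
  "app_type": "regular_web",
  "grant_types": ["authorization_code", "refresh_token", "client_credentials"]
}""")
SAMPLE_GRANTS = json.loads("""[
  {"id": "cgr_example1", "client_id": "EXAMPLE_CLIENT_ID",
   "audience": "https://example-tenant.auth0.com/api/v2/",
   "scope": ["create:connections", "read:users", "delete:connections"]},
  {"id": "cgr_example2", "client_id": "OTHER_CLIENT_ID",
   "audience": "https://example-tenant.auth0.com/api/v2/",
   "scope": ["read:clients"]}
]""")


def audit_integration(client, grants, domain):
    """Return a list of findings; an empty list means the setup matches the steps."""
    findings = []
    if client.get("app_type") != "regular_web":
        findings.append(f"application type is {client.get('app_type')!r}, expected 'regular_web'")
    if "client_credentials" not in client.get("grant_types", []):
        findings.append("Client Credentials grant type is not enabled")
    audience = f"https://{domain}/api/v2/"  # Auth0 Management API identifier
    mine = [g for g in grants
            if g.get("client_id") == client.get("client_id")
            and g.get("audience") == audience]
    if not mine:
        findings.append("application is not authorized for the Auth0 Management API")
        return findings
    granted = set()
    for g in mine:
        granted.update(g.get("scope") or [])
    for scope in sorted(REQUIRED_SCOPES - granted):
        findings.append(f"missing permission: {scope}")
    # Anything beyond create:connections widens what the shared Client Secret can do.
    for scope in sorted(granted - REQUIRED_SCOPES):
        findings.append(f"excess permission: {scope}")
    return findings


if __name__ == "__main__":
    for line in audit_integration(SAMPLE_CLIENT, SAMPLE_GRANTS, "example-tenant.auth0.com"):
        print("FINDING:", line)
```
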
AdminX portal configurations
This is a one-click app Auth0 integration that will automatically generate a Service Provider (SP) configuration to add in your Auth0 application to enable SAML 2.0 integration and use the AdminX portal as an IDP for your passwordless login.
The following steps will be performed by your AdminX portal administrator. The credentials provided during one-click integration are one-time use only. BlockID does not store these credentials, thus it is recommended to change the passwords and revoke tokens after completion of the one-click integration. To perform more configurations to the Auth0 SP SAML integration, visit the Auth0 site and perform the changes.
- Log in to the AdminX portal, navigate to Applications > Add Application.
- In the Add new applications screen, click on the Add integration link for the Auth0 SAML option from the Pre-built integrations section.
- In the Auth0 screen, enter the following values:
  - Application Name: Enter the name for your Auth0 application.
  - In the Service provider info section:
    - Auth0 Domain: Enter your saved Auth0 Domain URL as mentioned in the Auth0 configurations topic.
    - Auth0 Client ID: Enter your saved Auth0 domain Client ID as mentioned in the Auth0 configurations topic.
    - Auth0 Client Secret: Enter your saved Auth0 domain Client Secret key as mentioned in the Auth0 configurations topic.
- Click Connect. This will add your Auth0 application within the AdminX portal and enable it for passwordless authentication.
Test the SAML Single Sign-On Connection section
- In your browser, enter your organization’s Auth0 domain URL. You will be redirected to the AdminX portal login screen with the barcode to be scanned from your BlockID mobile app.
- On the BlockID mobile application’s Home screen, click Scan QR.
- Scan the QR code. The confirmation pop-up window is displayed asking to "Allow BlockID to access this device’s location?".
- In the confirmation pop-up window, select "Allow only while using the app". The Authentication screen is displayed with the "Please authenticate using <Biometric_option> from 1kosmos" message.
- Click Authenticate and perform the appropriate authentication method. The pop-up window is displayed with the "Thank you! You have successfully authenticated to Log In" message upon successful authentication.
- You will be logged in to your organization’s Auth0 application.