
Auth0

Overview

This document describes the procedure to configure your organization's Auth0 application within the AdminX portal to use it as a passwordless authentication solution for your organization's Auth0 users. This integration will allow your users to log in to their Auth0 account leveraging their biometrics. The biometric options include Touch ID / Face ID and LiveID.

Before you Begin

You will need the following resources and privileges to complete this integration:

  1. Administrator access to the following:

    • AdminX portal: If your organization is not registered with the AdminX portal, visit the Sign Up page for your organization’s AdminX portal registration. The 1Kosmos representative will create an account for your respective organization within the AdminX portal.
    • Auth0 instance. Visit the Auth0 site for Auth0 registration.
  2. Install on your mobile device:

Assumptions

  • With the above prerequisites in place, you should now be registered and able to log in to:

    • AdminX portal
    • Your organization's Auth0 account with Admin access.
  • Installed and registered the BlockID mobile application.

Perform the following tasks to enable this integration:

  1. Auth0 configurations
  2. AdminX portal configurations

List of Topics:

  1. Auth0 configurations
  2. AdminX portal configurations
  3. Test the SAML Single Sign-On Connection

Auth0 configurations

These configurations need to be performed before integrating your Auth0 application into the AdminX portal.

Note:

The following steps will be performed by your Auth0 administrator.

  1. Log in to your Auth0 site.
  2. From the left pane, click Applications.
  3. From the Applications screen, click on the appropriate application name that you will add to the AdminX portal for SAML 2.0 integration.
  4. In the selected application screen, click on the Settings tab.
  5. Copy and save your Auth0 Domain URL, Client ID, and Client Secret key to use while performing Auth0 integration in the AdminX portal.
  6. Navigate to Applications > Applications and click on your SAML 2.0 integrated application name.
    • Scroll down to the Application Properties section and ensure that the Regular Web Application option is selected from the Application Type list.
    • Scroll down to the Advanced Settings section, expand this section and click on the Grant Types tab. Ensure that the Client Credentials check box is selected.
    • Click Save Changes.
  7. Navigate to Applications > APIs > Auth0 Management API > Machine to Machine Applications.
    • Click on the Enable option for your SAML 2.0 enabled application (for example, Default App). The Authorized option is displayed for the enabled application.
    • In the Permissions section, search for the create:connections permission, select the check box for it, and click Update.
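
The settings from the steps above can be checked before the Client ID and Client Secret are handed to the AdminX portal. The following is an added example, not code from 1Kosmos or Auth0: it audits an application record and its client grants, in the shape returned by the Auth0 Management API (GET /api/v2/clients/{id} and GET /api/v2/client-grants), and reports any Management API scope beyond create:connections. The tenant domain, IDs and sample records are constructed placeholders, and the audience format https://<tenant>/api/v2/ is an assumption about your tenant.

```python
# Constructed sample records in the shape of Auth0 Management API objects.
# The tenant domain and all IDs are placeholders, not values from the page.
TENANT_DOMAIN = "example-tenant.us.auth0.com"
SAMPLE_CLIENT = {
    "client_id": "PLACEHOLDER_CLIENT_ID",
    "name": "Default App",
    "app_type": "regular_web",
    "grant_types": ["authorization_code", "refresh_token", "client_credentials"],
}
SAMPLE_GRANTS = [
    {"id": "cgr_placeholder1", "client_id": "PLACEHOLDER_CLIENT_ID",
     "audience": "https://example-tenant.us.auth0.com/api/v2/",
     "scope": ["create:connections", "read:users", "delete:connections"]},
    {"id": "cgr_placeholder2", "client_id": "OTHER_CLIENT",
     "audience": "https://example-tenant.us.auth0.com/api/v2/",
     "scope": ["read:clients"]},
]
REQUIRED_SCOPES = {"create:connections"}  # the only permission the steps grant


def audit_integration_app(client, grants, tenant_domain):
    """Return a list of findings; an empty list means the app matches the steps."""
    findings = []
    if client.get("app_type") != "regular_web":
        findings.append(f"app_type is {client.get('app_type')!r}, expected 'regular_web'")
    if "client_credentials" not in client.get("grant_types", []):
        findings.append("client_credentials grant type is not enabled")
    # Only grants held by this app against the Management API are relevant.
    mgmt_audience = f"https://{tenant_domain}/api/v2/"
    mine = [g for g in grants if g.get("client_id") == client.get("client_id")
            and g.get("audience") == mgmt_audience]
    if not mine:
        findings.append("app is not authorized for the Auth0 Management API")
    granted = set()
    for grant in mine:
        granted.update(grant.get("scope") or [])
    for scope in sorted(REQUIRED_SCOPES - granted):
        findings.append(f"missing required scope: {scope}")
    for scope in sorted(granted - REQUIRED_SCOPES):
        findings.append(f"excess Management API scope: {scope}")
    return findings


if __name__ == "__main__":
    for finding in audit_integration_app(SAMPLE_CLIENT, SAMPLE_GRANTS, TENANT_DOMAIN):
        print("FINDING:", finding)
```

Any excess scope reported here is also usable by whoever holds the Client Secret, so remove it before entering the secret in the AdminX portal.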

AdminX portal configurations

This is a one-click app Auth0 integration that will automatically generate a Service Provider (SP) configuration to add in your Auth0 application to enable SAML 2.0 integration and use the AdminX portal as an IDP for your passwordless login.

Note:

The following steps will be performed by your AdminX portal administrator. The credentials provided during one-click integration are for one-time use only. BlockID does not store these credentials; it is therefore recommended to change the passwords and revoke the tokens after the one-click integration is complete. To make further configuration changes to the Auth0 SP SAML integration, visit the Auth0 site and perform the changes there.

  1. Log in to the AdminX portal and navigate to Applications > Add Application.
  2. In the Add new applications screen, click on the Add integration link for the Auth0 SAML option from the Pre-built integrations section.
  3. In the Auth0 screen, enter the following values:
    • Application Name: Enter the name for your Auth0 application.
    • In the Service provider info section:
      • Auth0 Domain: Enter your saved Auth0 Domain URL as mentioned in the Auth0 configurations topic.
      • Auth0 Client ID: Enter your saved Auth0 domain Client ID as mentioned in the Auth0 configurations topic.
      • Auth0 Client Secret: Enter your saved Auth0 domain Client Secret key as mentioned in the Auth0 configurations topic.
  4. Click Connect. This will add your Auth0 application within the AdminX portal and enable it for passwordless authentication.

Test the SAML Single Sign-On Connection

  1. In your browser, enter your organization’s Auth0 domain URL. You will be redirected to the AdminX portal login screen with the barcode to be scanned from your BlockID mobile app.
  2. On the BlockID mobile application’s Home screen, click Scan QR.
  3. Scan the QR code. A confirmation pop-up window is displayed with the prompt "Allow BlockID to access this device’s location?".
  4. In the confirmation pop-up window, select Allow only while using the app. The Authentication screen is displayed with the message "Please authenticate using <Biometric_option> from 1kosmos".
  5. Click Authenticate and perform the appropriate authentication method. Upon successful authentication, a pop-up window is displayed with the message "Thank you! You have successfully authenticated to Log In".
  6. You will be logged in to your organization’s Auth0 application.