Auth0
This guide details the steps required to configure Keyless as a passwordless authentication solution for your Auth0 cloud instance.
Keyless and Auth0 have partnered to deliver true passwordless authentication for the workforce and for consumers.
This document provides a step-by-step introduction for configuring Auth0 to work with Keyless. In this guide Keyless will be set up as both an OpenID Connect service provider and an OpenID Connect identity provider for Auth0.
Configure Authentication Identity Provider
To use Auth0 to authenticate, configure Keyless as a trusted IdP on Auth0.
Before proceeding, make sure you have the following information from Keyless:
| Item | Description | Value |
| --- | --- | --- |
| Login Icon | Can be used as the logon icon for Keyless authentication on the Auth0 login page | https://your-keyless-tenant/static/keyless.svg |
| Discovery URL | OIDC Discovery endpoint provided by Keyless | https://your-keyless-tenant/.well-known/openid-configuration |
| Client ID | OIDC Client ID specific to your organization, provided by Keyless | - |
| Client Secret | OIDC Client Secret provided by Keyless | - |
The steps are as follows:
Create a new Enterprise Connection (IdP): go to Authentication → Enterprise → OpenID Connect and click the (+) icon.
Provide a name for the connection.
Fill in the OIDC Discovery URL in the Issuer field.
Fill in the Client ID provided by Keyless.
Make a note of the callback URL that needs to be sent to Keyless.
Click Save.
Once saved, go to the Settings and General tab and do the following:
Select Back Channel as the Type.
Fill in the Client Secret field.
Click Save Changes.
Click the ellipsis (...) icon on the connection you just saved, then click Try Now. This will initiate a Keyless authentication.
On successful authentication you'll see the connection data.
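A pre-flight check on the discovery document before its URL goes into the Issuer field, as an added example that is not part of the original guide and is not Keyless or Auth0 code. It confirms that the advertised issuer matches the Discovery URL, that the endpoints are HTTPS, and that the authorization code flow used by the Back Channel type is offered. The function name `check_discovery` and the endpoint paths in the sample documents are assumptions.

```python
from urllib.parse import urlparse

WELL_KNOWN = "/.well-known/openid-configuration"
REQUIRED = ("issuer", "authorization_endpoint", "token_endpoint", "jwks_uri")


def check_discovery(discovery_url, doc):
    """Return a list of problems in an OIDC discovery document (empty = OK)."""
    problems = [f"missing field: {k}" for k in REQUIRED if not doc.get(k)]

    # OIDC Discovery: issuer must equal the discovery URL minus the suffix.
    expected = discovery_url.removesuffix(WELL_KNOWN).rstrip("/")
    issuer = str(doc.get("issuer", "")).rstrip("/")
    if issuer and issuer != expected:
        problems.append(f"issuer mismatch: {issuer} != {expected}")

    # Codes, the client secret and signing keys travel over these URLs.
    for key in REQUIRED:
        value = doc.get(key)
        if value and urlparse(value).scheme != "https":
            problems.append(f"not https: {key}")

    # The Back Channel type relies on the authorization code flow.
    if "code" not in doc.get("response_types_supported", []):
        problems.append("response type 'code' not advertised")
    return problems


# Constructed sample documents; endpoint paths are assumptions, not Keyless values.
DISCOVERY_URL = "https://your-keyless-tenant/.well-known/openid-configuration"
GOOD = {
    "issuer": "https://your-keyless-tenant",
    "authorization_endpoint": "https://your-keyless-tenant/authorize",
    "token_endpoint": "https://your-keyless-tenant/token",
    "jwks_uri": "https://your-keyless-tenant/jwks",
    "response_types_supported": ["code", "id_token"],
}
BAD = {
    "issuer": "https://other-tenant",
    "authorization_endpoint": "https://your-keyless-tenant/authorize",
    "token_endpoint": "http://your-keyless-tenant/token",
    "response_types_supported": ["id_token"],
}

if __name__ == "__main__":
    for name, doc in (("good", GOOD), ("bad", BAD)):
        print(name, check_discovery(DISCOVERY_URL, doc) or "OK")
```

In practice the `doc` argument would be the JSON fetched from the Discovery URL supplied by Keyless.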
Configure Enrollment Service Provider
To enrol users you need to configure a client application on Auth0.
Before proceeding, make sure you have the following information from Keyless:
| Item | Description | Value |
| --- | --- | --- |
| Login URL | OIDC Client configuration provided by Keyless | https://<your-enrollment-server>/signin-oidc |
| Redirect URI | OIDC redirect URI provided by Keyless | https://<your-enrollment-server>/signin-oidc |
| Logout URL | OIDC logout URL provided by Keyless | https://<your-enrollment-server>/signout/callback |
| Keyless Enrollment URL | URL to the Keyless Enrollment page for end users, provided by Keyless | https://<your-enrollment-server>/ |
Create Application: Applications --> Create Application --> Regular Web Applications
On the Settings tab of the application you just created:
Make a note of the following items that need to be sent back to Keyless:
Domain
Client ID
Client Secret
Fill in the following information provided by Keyless:
Allowed Callback URL which is the Login URL (in the table above)
Allowed Logout URL which is the Logout URL provided
Allowed web origins which is the Redirect URI provided
Make sure to send the following information back to Keyless to complete the configuration:
Domain
Client ID
Client Secret