Auth0

This guide details the steps required to configure Keyless as a passwordless authentication solution for your Auth0 cloud instance.

Keyless and Auth0 have partnered to deliver true passwordless authentication for the workforce and for consumers.

This document provides a step-by-step introduction for configuring Auth0 to work with Keyless. In this guide Keyless will be set up as both an OpenID Connect service provider and a OpenID Connect identity provider for Auth0.

Configure Authentication Identity Provider

To use Auth0 to authenticate, configure Keyless as a trusted IdP on Auth0.

Before proceeding, make sure you have the following information from Keyless:

Parameter
Description
Example

Login Icon

Can be used as the logon Icon for Keyless authentication on Auth0 Login page

https://your-keyless-tenant/static/keyless.svg

Discovery URL

OIDC Discovery endpoint provided by Keyless

https://your-keyless-tenant/.well-known/openid-configuration

Client ID

OIDC Client ID specific to you organization provided by Keyless

-

Client Secret

OIDC Client secret provided by Keyless

-

The steps are as follows

  1. Create a new Enterprise Connection (IdP): Go to Authentication →Enterprise → OpenID Connect Click on (+) Icon

  2. Provide a name for the Connection

  3. Fill in OIDC Discovery URL in Issuer Field

  4. Fill in ClientID provided by Keyless

  5. Make a note of the callback URL that need to be sent to Keyless

  6. Click Save

  7. Once Saved go to Settings and General tab do the following

    1. Select Back Channel as Type

    2. Fill in client Secret field

  8. Click Save Changes

  9. Click on the ellipses (...) icon on the Connection just saved, Click Try Now. This will initiate a Keyless authentication

On successful authentication you’ll see the connection data

Configure Enrollment Service Provider

To enrol users you need to configure a client application on Auth0.

Before proceeding, make sure you have the following information from Keyless:

Parameter
Description
Example

Login URL

OIDC Client configuration provided by Keyless

https://<your-enrollment-server>/signin-oidc

Redirect URI

OIDC redirect URO provuded by Keyless

https://<your-enrollment-server>/signin-oidc

Logout URL

OIDC logout URL provided by Keyless

https://<your-enrollment-server>/signout/callback

Keyless Enrollment URL

URL to Keyless Enrollment page for end users: provided by Keyless

https://<your-enrollment-server>/

  1. Create Application: Applications --> Create Application --> Regular Web Applications

  2. On Settings tab of the Application you just created

    1. Make note of the following items that need to be sent back to Keyless

      • Domain

      • Client ID

      • Client Secret

    2. Fill in the following information provided by Keyless

      • Allowed Callback URL which is the Login URL (in the table above)

      • Allowed Logout URL which is the Logout URL provided

      • Allowed web origins which is the Redirect URI provided

Make sure to send the following information back to Keyless to complete the configuration:

  • Domain

  • Client ID

  • Client Secret

Last updated