Auth0
This guide details the steps required to configure Keyless as a passwordless authentication solution for your Auth0 cloud instance.
Keyless and Auth0 have partnered to deliver true passwordless authentication for the workforce and for consumers.
This document provides a step-by-step introduction for configuring Auth0 to work with Keyless. In this guide Keyless will be set up as both an OpenID Connect service provider and a OpenID Connect identity provider for Auth0.
Configure Authentication Identity Provider
In order to enable your users to authenticate into Auth0 enabled apps via Keyless you’ll need to configure Keyless as a trusted IdP on Auth0.
As part of the onboarding process you’ll receive the following pieces of information from keyless to complete a Trusted IdP configuration.
| Parameter | Description | Example |
|---|---|---|
Login Icon | Can be used as the logon Icon for Keyless authentication on Auth0 Login page | |
Discovery URL | OIDC Discovery endpoint provided by Keyless | https://your-keyless-tenant/.well-known/openid-configuration |
Client ID | OIDC Client ID specific to you organization provided by Keyless | - |
Client Secret | OIDC Client secret provided by Keyless | - |
The steps are as follows
Create a new Enterprise Connection (IdP): Go to Authentication →Enterprise → OpenID Connect Click on (+) Icon
Provide a name for the Connection
Fill in OIDC Discovery URL in Issuer Field
Fill in ClientID provided by Keyless
Make a note of the callback URL that need to be sent to Keyless
Click Save
Once Saved go to Settings and General tab do the following
Select Back Channel as Type
Fill in client Secret field
Click Save Changes
Click on the ellipses (...) icon on the Connection just saved, Click Try Now
This will initiate a Keyless authentication
On successful authentication you’ll see the connection data
Configure Enrolment Service Provider
To enable enrolment of your users to Keyless we’ll need to configure a client application on Auth0. Parameters required to create the application on Auth0 are provided in your Keyless onboarding package. Once the application is configured you’ll need to send some configuration information back to Keyless to complete the configuration on Keyless end.
Following are the pieces of information from Keyless required to configure Auth0 Application:
| Parameter | Description | Example |
|---|---|---|
Login URL | OIDC Client configuration provided by Keyless | https://<your-enrolment-server>/signin-oidc |
Redirect URI | OIDC redirect URO provuded by Keyless | https://<your-enrolment-server>/signin-oidc |
Logout URL | OIDC logout URL provided by Keyless | https://<your-enrolment-server>/signout/callback |
Keyless Enrolment URL | URL to Keyless Enrolment page for end users: provided by Keyless | https://<your-enrolment-server>/ |
Create Application: Applications --> Create Application --> Regular Web Applications
On Settings tab of the Application just created
o Make note of the following items that need to be sent back to Keyless
Domain
Client ID
Client Secret
Fill in the following information from the URLs provided by Keyless
Allowed Callback URL which is the Login URL (in the table above)
Allowed Logout URL which is the Logout URL provided
Allowed web origins which is the Redirect URI provided
Last updated
