In a previous article, we showed how to set up SAML authentication with Microsoft Entra when configuring SSO in Sitecore Cloud Portal. In this article, we explain how to connect with Auth0 using OpenID Connect.
Auth0 settings
In this article, we will use the trial service (free) of Auth0 to proceed with the setup. First, we will create a test user to log in and the organization to which the user belongs.
- Create an Organization
- Under User Management - Users, create a user who can log in
- Assign the created user to the created Organization.
Then add an application. Select Applications - Applications from the menu on the left. The following screen is displayed.
Click the Create application button in the upper right corner and set the name of the application.
Click the Continue button to create the application. The required settings are as follows:
- The Domain and Client ID are required for the Sitecore Cloud Portal configuration
- Application Type is set to Regular Web Application.
- Set the Allowed Callback URLs field to https://auth.sitecorecloud.io/login/callback
This completes the initial preparation of Auth0.
Working with Sitecore Cloud Portal
Next, we will proceed with the configuration on the Sitecore Cloud Portal. As before, select Single sign-on (SSO) on the left side of the Admin menu.
When you select OpenID Connection as the SSO setting, the following screen appears.
Three items are set here.
- Email domains
- Issuer URL: set in the form https://your-tenant.auth0.com/.well-known/openid-configuration, using your Auth0 domain name.
- Client ID: copy the value from the Auth0 application and set it here
After saving, the Domain Authentication screen will appear.
Add the displayed key as a DNS TXT record to complete the domain authentication. Below is an example of adding a DNS record with GoDaddy's service.
After the record has propagated and authentication is complete, the dialog changes to the following.
Then run Test SSO Connection. After clicking this button, the Auth0 login screen is displayed as shown below.
If the login is successful, the following screen will appear.
After confirming that it has been successfully completed, press the Enable SSO connection button to enable it. The screen will change as follows.
Click the Enable Now button to start the SSO configuration. The icon rotates while the configuration is in progress.
After a few moments, the SSO configuration is complete when the following message is displayed.
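The Issuer URL entered in the SSO settings above points to Auth0's OpenID Connect discovery document, and a mistyped tenant name or a non-HTTPS endpoint in it is easiest to catch before saving. The following check is an added example, not part of the original article or of Sitecore's or Auth0's code; the function name and the sample documents are constructed for illustration, and in practice the document would be the JSON downloaded from the Issuer URL.

```python
from urllib.parse import urlsplit

WELL_KNOWN = "/.well-known/openid-configuration"
REQUIRED = ("authorization_endpoint", "jwks_uri")
OPTIONAL = ("token_endpoint", "userinfo_endpoint")

def check_discovery(discovery_url, doc):
    """Return a list of problems; an empty list means the document is consistent."""
    problems = []
    if urlsplit(discovery_url).scheme != "https":
        problems.append("discovery URL is not https")
    if not discovery_url.endswith(WELL_KNOWN):
        problems.append("discovery URL does not end with " + WELL_KNOWN)
    # The issuer must equal the discovery URL minus the well-known suffix.
    # Auth0 issuers carry a trailing slash, so compare without it.
    expected = discovery_url.split("/.well-known/")[0].rstrip("/")
    issuer = doc.get("issuer", "")
    if issuer.rstrip("/") != expected:
        problems.append(f"issuer mismatch: expected {expected}/, got {issuer!r}")
    for key in REQUIRED + OPTIONAL:
        value = doc.get(key)
        if value is None:
            if key in REQUIRED:
                problems.append(f"missing field: {key}")
        elif urlsplit(value).scheme != "https":
            problems.append(f"{key} is not https: {value}")
    # OpenID Connect Discovery requires RS256 to be offered for ID tokens.
    if "RS256" not in doc.get("id_token_signing_alg_values_supported", []):
        problems.append("RS256 is not offered for ID token signing")
    return problems

# Constructed sample data: the tenant name is the placeholder used in the article.
DISCOVERY_URL = "https://your-tenant.auth0.com" + WELL_KNOWN
GOOD_DOC = {
    "issuer": "https://your-tenant.auth0.com/",
    "authorization_endpoint": "https://your-tenant.auth0.com/authorize",
    "token_endpoint": "https://your-tenant.auth0.com/oauth/token",
    "jwks_uri": "https://your-tenant.auth0.com/.well-known/jwks.json",
    "id_token_signing_alg_values_supported": ["HS256", "RS256"],
}
# Constructed faulty document: wrong tenant, plain-HTTP key URL, no RS256.
BAD_DOC = dict(GOOD_DOC, issuer="https://other-tenant.auth0.com/",
               jwks_uri="http://your-tenant.auth0.com/.well-known/jwks.json",
               id_token_signing_alg_values_supported=["HS256"])

if __name__ == "__main__":
    for name, doc in (("good", GOOD_DOC), ("bad", BAD_DOC)):
        print(name, check_discovery(DISCOVERY_URL, doc) or "OK")
```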
Add a user to Sitecore Cloud Portal
Since the procedure this time was shorter than for Entra ID, we will also go through adding a user. First, add the email addresses of the users to be invited.
An invitation email will be sent to each of those addresses.
Click the link in the email to open the website and confirm the invitation.
I was able to successfully log in with my Auth0 account.
Summary
Previously we configured login with Microsoft Entra using SAML authentication; this time we configured authentication using Auth0 and OpenID Connection. With these two authentication methods supported, many other authentication services can also be used.
Both methods require domain authentication with DNS and exchanging the necessary values between the services, but once set up, users can be managed on the authentication service side, so we would like to operate using SSO as much as possible.