Auth0

Enterprise

To configure Appsmith to use Auth0 as a SAML provider, follow the steps below:

Prerequisites

1. A self-hosted Appsmith instance. See the installation guides for installing Appsmith.
2. Before setting up Single Sign-On (SSO), ensure that you have already configured a custom domain for your instance.
3. In Appsmith, go to Admin Settings > Authentication and click Enable on SAML 2.0.
4. Copy the Redirect URL from the SAML 2.0 configuration page to add it later in the Auth0 settings.

SAML configuration in Appsmith

Create application on Auth0

1. Log in to your Auth0 account and go to Applications > Create Application.
2. In the Create application modal, select Regular Web Application and click Create.
3. Once your application is created, you’re taken to the Quick Start screen. Go to the Settings tab.
4. Scroll down to the Application URIs and paste the Redirect URL copied earlier in the Allowed Callback URLs field.
5. Click Save Changes.
6. On the Settings tab, go to Advanced Settings > Endpoints. Scroll down to the SAML section, and copy the SAML Metadata URL to add it later in the SAML configurations in Appsmith.

Register Auth0 in Appsmith

caution

If you are running Appsmith on Google Cloud Run or AWS ECS, make sure to configure your service before setting up SSO. For detailed instructions, see the Configure Google Cloud Run for SSO, or Create PostgreSQL RDS for SAML SSO guide.

To complete the SAML configuration, you have to register the identity provider on Appsmith. Appsmith provides three options to register the identity provider as mentioned below:

Metadata URL (recommended)

To register Auth0 as the identity provider on Appsmith, follow the steps below:

1. Go to the SAML 2.0 configuration page in Appsmith and navigate to Register Identity Provider section.
2. Add the copied Metadata URL in the Metadata URL field under the Register Identity Provider section.

Metadata XML

To set up SAML using the raw Metadata XML file, follow the steps below:

1. Open the copied Metadata URL in a browser tab and copy the XML content.
2. Navigate to Appsmith and add the raw XML in the Metadata XML field under the Register Identity Provider section in the SAML 2.0 configuration page.

IdP data

If you have Identity provider data like X509 Public Certificate, Email, you can choose this option to configure SAML.

1. Open the Metadata URL in a browser tab or open the Metadata XML file.
2. Add the following values from XML tags in IdP Data under the Register Identity Provider section in the Appsmith SAML 2.0 configuration page:

**IdP Data Field **	Metadata XML Tag
Entity ID	Enter the value of the entityID attribute specified in the <EntityDescriptor> tag.
Single Sign-On URL	Enter the value of location attribute specified in the <SingleSignOnService> tag.
X509 Public Certificate	Enter the value specified in the <X509Certificate> tag.
Email	Enter the value specified in the <NameIDFormat> tag.

Once you have added the details, click the SAVE & RESTART button to save the configuration and restart the instance.

After the Appsmith instance restarts, try logging in again to your account. You'll see a login screen with the SIGN IN WITH SAML SSO button.

Login with SAML SSO