How to set up Single Sign-On (SSO) on TagoRUN with Auth0

How to set up Single Sign-On (SSO) on TagoRUN with Auth0

Hi everyone!

In this tutorial, I'll show you how to configure Single Sign-On (SSO) on your TagoRUN using the Auth0 authentication platform. The steps below can also be applied to other platforms, as they are all very similar.

  1. Create an account in Auth0 
  2. Create a new Application with the type Single Page Application
  3. Open the new Application to configure it
  4. Enable SAML2 Web App addon in the Addons tab



  5. Download the Identity Provider metadata file in the SAML2 modal



  6. Copy the ACS URL from the Single Sign-On tab on the TagoRUN edit page



  7. Set the Application Callback URL to the copied ACS URL in the SAML2 addon



  8. Copy the SLO URL from the Single Sign-On tab on the TagoRUN edit page
  9. Set the settings object in the SAML2 addon and use the copied SLO URL in ‘callback’ parameter



  10. Click to Enable the SAML2 addon at the bottom of the modal



  11. Go to the Settings tab in the Auth0 application
  12. Ensure that Allowed callback URLs include the ACS URL



  13. Ensure that Allowed logout URLs include the login page address for TagoRUN



  14. Import the metadata file in the RUN edit page (Admin > RUN > Integrations > Single Sign-on)



  15. Set the email mapping to http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
  16. Set the name mapping to http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name



  17. Click Enable to enable SSO integration and save the TagoRUN to deploy



Troubleshooting

After configuring SSO, I am being redirected to the Identity Provider login page, but I’m seeing an error message for ‘missing email field’ or ‘missing name field’.


To solve that issue, you need to configure mappings for SAML attributes on both the Identity Provider and TagoIO Admin.



And that is all!

If you need any assistance, feel free to add a comment below!