Setting up Auth0 SSO

This document outlines the steps required to set up Auth0 SSO with StepSecurity.

Step 1: Access Auth0 Dashboard

• Log in to your Auth0 Dashboard at https://manage.auth0.com

• Navigate to Applications → Applications from the left sidebar

Step 2: Create a New Application

• Click Create Application

• Name the application: StepSecurity

• Select Regular Web Applications as the application type

• Click Create

Step 3: Configure SAML2 Web App Addon

• After creating the application, navigate to the Addons tab

• Enable the SAML2 Web App addon by clicking on it

Step 4: Configure SAML Settings

• In the SAML2 Web App settings dialog, configure the following:

• Application Callback URL: https://login.app.stepsecurity.io/saml2/idpresponse

• Settings JSON Configuration:

{
  "audience": "urn:amazon:cognito:sp:us-west-2_PGbAJDNzx",
  "recipient": "https://login.app.stepsecurity.io/saml2/idpresponse",
  "mappings": {
    "email": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
    "name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name",
    "Groups": "http://schemas.xmlsoap.org/claims/Group"
  },
  "createUpnClaim": false,
  "passthroughClaimsWithNoMapping": false,
  "mapUnknownClaimsAsIs": false,
  "mapIdentities": true,
  "signatureAlgorithm": "rsa-sha256",
  "digestAlgorithm": "sha256",
  "nameIdentifierFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
  "nameIdentifierProbes": [
    "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
  ]
}

Step 5: Share Application Metadata URL with StepSecurity

• Share the highlighted URL with the StepSecurity team.