Налаштування SAML SSO для Auth0

To set up Crowdin Enterprise SAML SSO in your Auth0, follow the steps below.

Set up Crowdin Enterprise SAML App

  1. Open the Auth0 Management Dashboard using an administrator account.
  2. From the Dashboard, go to Applications.
  3. Click + CREATE APPLICATION on the right.
  4. In the Name field, specify an application name (for example Crowdin Enterprise), select the Regular Web Applications application type, click CREATE.
  5. Go back to Dashboard > Applications.
  6. Find the row for the application you just created, and click on the Settings icon to the right of the application name.
  7. (Optional) Specify the URL for your Crowdin Enterprise SSO app logo in the Application Logo field. You can find the Crowdin icon on the Using the Crowdin Logo page.
  8. Switch to the Addons tab.
  9. Click on SAML2 WEB APP.
  10. In the appeared dialog, specify the Application Callback URL.

    Application Callback URL:
    https://accounts.crowdin.com/saml2/{your-organization-name}/acs

    Note: Make sure to replace {your-organization-name} with your real Crowdin Enterprise organization name.
  11. In the Settings paste in the following snippet
    {
      "nameIdentifierProbes": [
    "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
      ]
    }
    

    This way the NameID would be set to the user email address.

  12. Scroll down and click ENABLE.
  13. Scroll up and switch to the Usage tab.
  14. In the Usage tab, you’ll see the credentials that need to be specified in your Crowdin Enterprise Organization Settings > Authentication page > SAML.
  15. Copy the Issuer, Identity Provider Login URL, and download the certificate.
  16. In a separate browser tab or window, log in to your Crowdin Enterprise Organization, open the Organization Settings > Authentication page, and click on SAML at the bottom of the Authentication methods list.
  17. Enter the information you copied in Step 14 (paste in the Issuer in the Identity Provider Issuer field, Identity Provider Login URL in the SAML SSO Endpoint field, and drag and drop your certificate file to the Public Certificate field), click Save.
  18. Select the checkbox next to SAML in the Authentication methods list so that your users could use it as the desired authentication method to log in to your Crowdin Enterprise organization from the login page.

Manage Access to Crowdin Enterprise SAML App

By default, all users associated with a single Auth0 tenant are shared between the tenant’s applications (and therefore have access to the applications). If necessary you can restrict some users’ access to the application using rules. See this rule as an example.

Test SSO

  1. On the Crowdin Enterprise login page, select your organization and click Log in.
  2. Click on SAML. You should be automatically redirected to the Auth0 login page.
  3. Enter your login credentials. After your login credentials are authenticated, you’re automatically redirected to Crowdin Enterprise.

Ця стаття була корисною?