Auth0
Snow Atlas supports configuring Auth0 as a single sign-on (SSO) provider.
The Auth0 single sign-on application registration is configured using OpenID Connect (OIDC). The configuration options are already set with the permissions and settings required to function with Snow Atlas. You can also configure items such as user and access group assignments that you want to apply to this registration.
Supported features
-
ServiceProvider (SP) initiated SSO when you attempt to sign in from Snow Atlas
-
User provisioning to create the user on first sign in, when the feature is enabled in Snow Atlas
Requirements
-
The user is an Auth0 administrator.
-
The user is a Snow Atlas system administrator.
Application permissions
The following permissions are required by the Snow Atlas Auth0 single sign-on application registration:
| Scope permission | Description |
|---|---|
profile | Retrieves basic profile information about a user that is mapped to the user's profile in Snow Atlas |
email | A user's primary email address that is used to sign in to Snow Atlas and as contact information |
Configuration required
You are required to configure Auth0 for Snow Atlas. You must add the Snow Atlas single sign-on app to your organization's Auth0. For more information, see Add Snow Atlas as Auth0 app.
The user must have the email claim set in Auth0.
You also require the relevant Authority, client ID and client secret from the Snow Atlas SSO app in Auth0, which you need to set up Auth0 as your SSO provider in Snow Atlas. For more information, see Find values to set up Auth0 SSO in Snow Atlas.
Claim mappings
The Auth0 given_name and family_name properties are mapped to the equivalent properties in Snow Atlas if they are not already populated.
Snow Software does not own the third party trademarks, software, products, or tools (collectively, the "Third Party Products") referenced herein. Third Party Product updates, including user interface updates, may not be reflected in this content.