Configure Auth0 as SAML Identity Provider for OKTA SP

Authentication to an external third-party IDP, such as Auth0, you can follow these steps to connect you OKTA SP via SAML.

Auth0 Forms – Adding Policy Versioning

Auth0 Forms is a tool designed to allow identity flows to be extended with customisable forms and logic, allowing use cases like progressive profiling, policy acceptance, payment collection and more within the hosted login flows you've come to know and love from Auth0. For more detail on forms please refer to my earlier post Auth0 … Continue reading Auth0 Forms – Adding Policy Versioning →

Auth0 Forms – Managing Privacy Policy Acceptance

Auth0 Forms is a powerful tool to extend identity flows with customisable forms and business logic. Forms allows for a hosted secure experience with no need to redirect users to external sites and consistent branding with Universal Login. In this blog post I will talk through how to use forms to ensure all your application … Continue reading Auth0 Forms – Managing Privacy Policy Acceptance →

Automated Unit Testing with the Auth0 Actions Testing library

This article provides a step-by-step guide on setting up an automated unit test suite for Auth0 Actions using Kilterset's Auth0 Actions Testing library. It emphasizes the importance of automated tests for maintaining code reliability and offers practical instructions on creating tests, setting up the testing library, and running tests in the CI/CD pipeline.

Shared device authentication for consumers – device flow and Okta

The article discusses challenges and solutions for shared device authentication, focusing on consumer scenarios. It explores issues like credential exposure, session takeover, and phishing, proposing decoupled authentication and the OAuth 2.0 Device Authorization Grant as effective solutions. The Okta Customer Identity Cloud (Auth0) and Okta Workforce Identity Cloud (WIC) support this approach for secure shared device authentication.

Authenticate with PAR, an underrated gem

OAuth 2.0 is widely used in digital applications for authentication and authorization, but it has security and scalability weaknesses. Pushed Authorization Request (PAR) addresses many concerns with the conventional flow. It is beneficial for high-security scenarios like finance and healthcare, as well as in handling large or complex requests.

Secure React App using Auth0(CIC) and deploy to Azure App Service

TL;DR I had a customer recently ask me, if their React app which is being integrated with Auth0 (CIC) would continue to work if the React app is hosted out of Azure App Service ? Hence this article, as this more of proves the fact that irrespective of where the SPA is being hosted, Auth0(CIC) … Continue reading Secure React App using Auth0(CIC) and deploy to Azure App Service →

With Auth0 (Okta Customer Identity Cloud), get ready for Action !

Actions in the Login flow in Auth0 Let’s discover Actions, those pieces of code that act as flexible extensions to the authorization and authentication flow! For starters, what’s Auth0 ? Auth0 is an IaaS (Identity as a Service) solution, designed by and for developers. Acquired by Okta in 2021, Auth0 will become the solution for CIAM (Customer … Continue reading With Auth0 (Okta Customer Identity Cloud), get ready for Action ! →

Handle authentication/password resets for unique usernames with duplicate email address using CIC (Auth0)

TL;DR In certain unique cases, I have come across a scenario where end customers are using a unique username (ex: USER01) with duplicate email address. In this blog post, I have tried to document a solution/approach on how we could handle authentication and password reset for these users using CIC (Auth0). Known Information Currently CIC … Continue reading Handle authentication/password resets for unique usernames with duplicate email address using CIC (Auth0) →