Configure a SAML Connection Using Okta as the IdP and Auth0 as the SP

Overview

This article provides steps to configure a Security Assertion Markup Language (SAML) connection using Okta as the Identity Provider (IdP) and Auth0 as the Service Provider (SP).

Applies To
  • SAML connection
  • Okta (as Identity Provider) and Auth0 (as Service Provider)

Solution

The following steps create a generic SAML enterprise connection between Okta and Auth0.

Okta Configuration

  1. Sign in to the Okta Developer Console.
  2. Go to Applications > Applications > Create App Integration and select SAML 2.0.
  3. In the Single sign on URL field, enter the Auth0 tenant’s login callback URL: https://<YOUR_DOMAIN>/login/callback?connection=<YOUR_CONNECTION_NAME>.
    • NOTE: The connection name must match the name that will be assigned when configuring the SAML Enterprise connection in Auth0.
    • NOTE: If a custom domain is configured within the tenant, use the custom domain in place of <YOUR_DOMAIN>, not the Auth0 default domain.
  4. In the Audience URI (SP Entity ID) field, enter the URI in the format urn:auth0:<YOUR_TENANT>:<YOUR_CONNECTION_NAME>.
  5. Click Next and then click Finish.
  6. Navigate to the Sign On tab for the new application.
  7. Click View SAML Setup Instructions.
  8. From this page, copy the Identity Provider Single Sign-On URL and download the X.509 Certificate. These are required for the Auth0 configuration. The URL format is https://<OKTA_TENANT_DOMAIN>.okta.com/app/../../sso/saml.
  9. Navigate to the Assignments tab. 
  10. Click Assign and select Assign to People from the dropdown menu.
  11. Click the Assign button next to the user or users to assign to the application.

 

Auth0 Configuration

  1. Sign in to the Auth0 Dashboard.
  2. Go to Authentication > Enterprise.
  3. Click Create Connection.
  4. Enter the same connection name used in the Okta Application configuration.
  5. In the Sign-in URL field, enter the Identity Provider Single Sign-On URL copied from the Okta setup instructions.
  6. Upload the X.509 Certificate downloaded from Okta.
  7. Click Create at the bottom of the screen.
  8. Select the Applications tab and enable the toggle for the application to associate it with the new connection.
  9. To test the connection, go to Dashboard > Authentication > Enterprise > SAML, select the three dots next to the connection name, and click Try.
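
If the Try step fails, the usual cause is a mismatch between the values entered in Okta steps 3 and 4 and the Auth0 connection name or domain. The following is an added example (not Okta or Auth0 code) that rebuilds the two SP values from the formats above and compares them with a decoded SAML response. The domain, tenant, and connection names are constructed placeholders, and the check assumes Okta sends the Single sign on URL as both Destination and Recipient.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

def expected_sp_values(domain, tenant, connection):
    """Build the Single sign on URL and Audience URI from Okta steps 3 and 4."""
    acs = f"https://{domain}/login/callback?connection={connection}"
    audience = f"urn:auth0:{tenant}:{connection}"
    return acs, audience

def check_response(xml_text, domain, tenant, connection):
    """List mismatches between a decoded SAML Response and the expected SP values.
    Diagnostic only: this does not verify the XML signature."""
    acs, audience = expected_sp_values(domain, tenant, connection)
    root = ET.fromstring(xml_text)
    problems = []
    if root.get("Destination") != acs:
        problems.append(f"Destination {root.get('Destination')!r} != {acs!r}")
    for scd in root.iterfind(".//saml:SubjectConfirmationData", NS):
        if scd.get("Recipient") != acs:
            problems.append(f"Recipient {scd.get('Recipient')!r} != {acs!r}")
    audiences = [a.text.strip() for a in root.iterfind(".//saml:Audience", NS) if a.text]
    if audience not in audiences:
        problems.append(f"Audience {audiences} does not contain {audience!r}")
    return problems

# Constructed sample response (signature and most elements omitted for brevity).
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    Destination="https://login.example.com/login/callback?connection=okta-saml">
  <saml:Assertion>
    <saml:Subject><saml:SubjectConfirmation>
      <saml:SubjectConfirmationData
          Recipient="https://login.example.com/login/callback?connection=okta-saml"/>
    </saml:SubjectConfirmation></saml:Subject>
    <saml:Conditions><saml:AudienceRestriction>
      <saml:Audience>urn:auth0:example-tenant:okta-saml</saml:Audience>
    </saml:AudienceRestriction></saml:Conditions>
  </saml:Assertion>
</samlp:Response>"""

if __name__ == "__main__":
    # Matching configuration, then a connection name that differs from Okta's.
    print(check_response(SAMPLE, "login.example.com", "example-tenant", "okta-saml"))
    for problem in check_response(SAMPLE, "login.example.com", "example-tenant", "okta"):
        print(problem)
```

An empty list means the Destination, Recipient, and Audience all agree with the connection name and domain. Any entry names the field that has to be corrected in the Okta application settings.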
