Product: Thinfinity Workspace
Version: 7 and above
Auth0 is an authentication and authorization platform that simplifies identity management for developers. It provides secure login, identity verification, and single sign-on capabilities for web, mobile, and legacy applications through APIs and SDKs, reducing the complexity of implementing authentication solutions.
The purpose of this article is to guide users on how to configure Single Sign-On (SSO) in Thinfinity Workspace, using Auth0 OAuth as the Identity Provider (IDP).
I. Prerequisites
- Auth0 account with administrative access
- Thinfinity Workspace installed and accessible
II. Configuring Auth0
Create an Auth0 Application for Thinfinity Workspace
- Log into your Auth0 dashboard or create a new account if necessary.
- Go to the Applications section on your Auth0 dashboard and click Applications.
Then click on Create Application.
- Enter a name for your application, e.g., Thinfinity Auth0.
After that, select Single Page Web Applications and click Create.
Obtain Auth0 Domain and Client Information
- Next, inside the application you just created, select the Settings tab and note down the Domain, Client ID, and Client Secret from your Auth0 application settings. These will be needed to configure the SSO on Thinfinity Workspace.
- In the settings of your Auth0 application, locate the Allowed Callback URLs field.
Enter the callback URL provided by Thinfinity Workspace. It usually follows this format:
https://<Your-Thinfinity-Workspace-URL>:<port>/Auth0
- Now, scroll all the way down and click Advanced Settings.
- In Advanced Settings, select the Endpoints tab and copy OAuth Authorization URL, OAuth Token URL, and OAuth User Info URL for later use in Workspace Configuration.
Enable Multifactor Authentication
- To enable 2FA, go to the left menu and select Security > Multi-factor Auth and enable Push Notification.
III. Configuring Thinfinity
Set Up SSO on Thinfinity Workspace
- Open the Thinfinty Configuration Manager, navigate to the Authentication tab and, below that, select the Methods tab. Then click Add > OAuth 2.0 > Other.
Enter Auth0 Details in Thinfinity Workspace
- Input the Auth0 Client ID, and Client Secret into the corresponding fields in the General tab of the Authentication Method Settings.
- Now, select the Server tab and complete the fields with the information gathered from the Endpoints in Auth0 settings. When finished, click OK.
You can follow this table as an example to fill in the details of the specified fields in the image above.
Authorization URL:
|
https://<your-Auth0-domain>.auth0.com/authorize
|
Authorization parameters:
|
scope=openid+email
|
Custom redirect URL:
|
https://<your-workspace-url>:<port>/Auth0
|
Token Validation Server URL:
|
https://<your-Auth0-domain>.auth0.com/oauth/token
|
|
|
- Define which user attributes from Auth0 will map to Thinfinity Workspace user accounts. Common attributes include email, name, and groups.
Go to the Mappings tab and in the Authentication ID Mask field, click Add and enter the email address of the Auth0 user you want to validate, then press OK. When finished, go to the Associated Permissions field, click Add and search for the user in Active Directory. When finished, click OK and Apply the changes.
IV. Testing the SSO Integration
- Attempt to log in to Thinfinity Workspace and try the option Sign in with Auth0.
Verify that you are redirected to the Auth0 login page and can authenticate successfully.
VI. Conclusion
By following these steps, you should be able to integrate Auth0 OAuth as the SSO provider for Thinfinity Workspace effectively. Remember to test thoroughly in a non-production environment before deploying to production.
If you have any further inquiries or need additional support, please do not hesitate to
reach out to us. Our team is always available to help address any questions or concerns you may have.