Setting up an Organisation Attendee SSO on Auth0

As an Organisation Admin, you can add an Attendee SSO profile so that the participants can seamlessly access an event without going through the repetitive login process across different applications on the attendee’s end. This not only enhances convenience but also ensures accountability by verifying the identification of each attendee.

In this documentation, we will navigate you through the following steps to help you set up your Organisation Attendee SSO to prevent unauthorized access to confidential meetings and events.

  • Navigation to Organisation SSO
  • Add Attendee SSO Profile
  • Create an Application on Auth0
  • Edit Attendee SSO Profile

Let's get started 🚀

Navigation to Organisation SSO

Step 1: Log in to your Pigeonhole Live account to access its dashboard. Click on your Workspace selection list from the top-left corner of the interface.

image1.png

Step 2: Select your Organisation name from your workspace selection list.

image15.png

Step 3: Click on the Settings button from the top navigation bar to configure the organisation's Single Sign-On setup.

image11.png

Step 4: Select the Single Sign-On option from the Organisation Settings to configure access to your workspace via the company‘s identity provider (Auth0).

image16.png

Add Attendee SSO Profile

Adding an attendee SSO Profile ensures a seamless login experience for attendees while maintaining security measures specified by the organisation. It creates a more efficient, user-friendly, and secure authentication process for attendees accessing interactive events and engagement features.

Step 1: From the Single Sign-On Page, click on the Add attendee SSO profile button.

image10.png

Step 2: Copy the Callback URL to the clipboard. 

The callback URL is a redirect_uri request parameter. It is the URL to which users are redirected once the authentication is complete. This is where your application receives and processes the response from Auth0. 

Note: redirect_uri: Holds a URL. A successful response from this endpoint results in a redirect to this URL.

image2.png

Create an Application on Auth0

Creating an application in the Auth0 Dashboard assigns it a client ID (a unique identifier), which you can use in your application while setting up attendee SSO for your workspace using Pigeonhole Live. 

This also allows you to configure a SAML2 Web Application addon, a widely used mechanism for authentication, authorisation, and SSO implementation in web applications.

Step 1: Sign in to your Auth0 account and you will be navigated to its dashboard. Click on the Applications dropdown list from the left menu of the interface and select the Applications option.

image17.png

Step 2: Click on the + Create Application from the top-right corner of the interface.

image12.png

A modal window will appear where you will need to enter the application name and select an application from the following types:

Applications Description
Native Mobile, desktop, or hybrid apps that are running natively on a device (e.g., iOS, Android) are included in these applications.
Single Page with Applications JavaScript apps are included in these applications that execute most of their user interface (UI) in a web browser, interacting with a web server using APIs (e.g., AngularJS + Node.js or React).
Regular Web Applications These are traditional web applications that execute most of their application logic on the server (e.g., ASP.NET, Express.js).
Machine-to-Machine Applications Non-interactive applications such as daemons, command-line tools, IoT devices, or services that are running on your back end are included in these applications.

For the demonstration purpose, we have selected the Regular Web Application (Pigeonhole Live). 

Step 3: Enter the application name and select the Regular Web Applications option, click on the Create button.

image18.png

Configure Application

After creating an application, you will need to configure the application by pasting the callback URL to establish a secure and authorised communication link between Pigeonhole Live and Auth0 and mapping within Auth0 so that it sends the correct user profile attributes to the application.

Step 1: Click on the Settings tab under the application description.

image9.png

Step 2: Paste the Callback URL in the Application Login URL and Allowed Callback URLs fields copied from Pigeonhole Live’s Single Sign-On page “Set up your identity provider” section.

  • App login URL: A login URL is the locator of a resource (Which can be used to locate the address of a resource on the internet).

  • Allowed Call-back URL: A security measure to specify the URLs to which an authentication service, like Auth0, can redirect users after successful authentication.

Note: In the Allowed Callback URLs field, you can enter multiple valid URLs by comma-separating them. Except for custom URL schemas for native clients, all callbacks should use protocol (https://).

image14.png

Step 3: Click on the Save Changes button.

image6.png

A toast message will display on the top-right corner of the interface notifying you about successfully saving your changes.

image19.png

Step 4: Click on the Addons tab and select the SAML2 WEB APP option as it provides cross-domain single sign-on (SSO).

Addons: These are plugins associated with an Application in Auth0. These are SAML or WS-FED web apps the application uses, which Auth0 generates access tokens for.

image21.png

Step 5: A modal window will appear. Click on the Settings tab from the top menu bar to map the user attributes such as name, and email ID of the Auth0 to the Pigeonhole Live.

For example, here is the code snippet to update the Settings with the following mapping: 

{
"nameIdentifierFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
"nameIdentifierProbes": [
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
]
}

 

image8.png

Step 6: To activate the Addon, click on the Enable button and then hit the Save button.

image7.gif

Step 7: Select the Usage tab and click on the Download option to download the Identity Provider Metadata file used by Pigeonhole Live to send SAML-based authentication requests to Auth0.

image3.png

 

Edit Attendee SSO Profile

After creating an application in Auth0, you will need to edit an Attendee SSO profile which involves modifying the SAML settings associated with the organisation SSO from Pigeonhole Live.

Step 1: From the Single Sign-On Page, click on the Edit button of your Attendee SSO profile.

image13.png

Step 2: A modal window will appear on the screen, where you must enter the Attendee SSO Profile name and upload the IdP metadata file.

image4.png

Step 3: Click on the Save button to save the SAML settings containing your IdP metadata associated with the organisation SSO.

image20.png

This will complete the Organisation Attendee SSO setup.

image5.png