Auth0 SSO
Files.com supports Single Sign-On with Auth0 using either SAML or OpenID Connect. We recommend using SAML if possible, because it is a more robust integration technology that supports more use cases. Both sets of instructions are presented here.
After logging in to your Auth0 account as an administrator, navigate to Applications and click the Create Application button.
Click to select the Regular Web Applications application type, and click the Create button.
Next, click the Settings tab of the newly created application, and enter the following URL in the Allowed Callback URLs field.
https://app.files.com/login_from_oauth?provider=auth0
Click the Save Changes button to apply the change.
Next, click the copy icon next to the Client ID to copy it. Keep this browser tab open, as you'll be returning here to copy the Client Secret later.
After logging in to your Files.com account as an administrator, navigate to Settings > Security > SSO Providers, and click the Add provider button. Click to select the Auth0 provider.
In the Add provider form, enter your Auth0 subdomain into the Subdomain field, and paste the Client ID you copied in the previous step into the Client ID field.
Back in Auth0, click the copy icon next to the Client Secret to copy it, and paste it into the Client secret field in Files.com.
Lastly, click the Save button to apply the change.
The Auth0 SSO method will now be available when assigning an authentication method for a user in Files.com, and the Sign in with Auth0 button will be displayed on your site's login page.
After logging in to your Auth0 account as an administrator, navigate to Dashboard > Applications > Applications and select Create Application.
Select the option for Regular Web Application, provide your application with a name, and create.
Next, navigate to Addons, enable the SAML2 Web Application toggle.
Navigate to Addon: SAML2 Web App > Settings, for the Application Callback URL enter https://app.files.com/saml/consume and scroll to the bottom of this window to press Enable.
Next, navigate to Addon: SAML2 Web App > Usage, and click to download the Identity Provider Metadata this will be used to connect to your Files.com site.
Type SSO Providers in the search box at the top of every page, and then click on the matching result. Click the Add provider button. Click to select the Auth0 provider.
In the Add provider form, select the Use SAML option, and under Connect to SAML provider via select Metadata XML file, and upload the XML file you had downloaded for the Identity Provider Metadata via Auth0.
Lastly, click the Save button to apply the change.
The Auth0 SSO method will now be available when assigning an authentication method for a user in Files.com, and the Sign in with Auth0 button will be displayed on your site's login page.
There are two ways to automatically provision users via Auth0.
SCIM Provisioning is a standard that allows your Users to be automatically provisioned in Files.com from Auth0.
Input the following settings into Auth0 for SCIM:
- SCIM connector base URL: https://app.files.com/api/scim
- Authentication Mode: Basic Auth
- Basic Auth Username and Password: (Enter a username and password of your choosing)
The username and password entered for Basic Auth will also need to be added as the SCIM username and password in Files.com in the settings for your Auth0 SSO Provider. Type SSO Providers in the search box at the top of every page and then click on the matching result. Locate your Auth0 provider entry and edit the settings to set Enable automatic user provisioning via SCIM? to "Basic" in Files.com.
After setting the above, your Auth0 users assigned to the Files.com application in Auth0 will be provisioned to Files.com and should be able to log in to Files.com via SSO.
JIT Provisioning works by creating user records on Files.com upon their first successful login. This method is easier than SCIM, however, it is somewhat limited. Files.com will automatically use Just-In-Time (JIT) Provisioning if you don't set up SCIM.
The typical login process for SSO on Files.com involves the user navigating to your Files.com site and then clicking a button to be redirected to Auth0. This is the most secure process and is the process that we primarily recommend.
In certain application or enterprise scenarios, it is sometimes preferred to have the SSO process begin at Auth0 (the identify provider, or "IdP"). For example, you might set up an Auth0 based portal and themn allow users to navivate to Files.com from there.
IdP-Initiated flows carry a security risk and are therefore not recommended, however they are supported. Make sure you understand the risks before enabling IdP-Initiated SSO.
Auth0 has a guide for setting up IdP-Initiated SSO.
First, ensure your connection between Auth0 and Files.com is set up as SAML as opposed to OpenID Connect. Then, follow the directions in the Auth0 guide. and select SAML as the Response Protocol for the connection.
Get Instant Access to Files.com
The button below will take you to our Free Trial signup page. Click on the white "Start My Free Trial" button, then fill out the short form on the next page. Your account will be activated instantly. You can dive in and start yourself or let us help. The choice is yours.
Start My Free Trial