Files.com supports Single Sign-On with Auth0 using either SAML or OpenID Connect. We recommend SAML whenever possible because it accommodates a broader range of use cases. Instructions for both protocols follow.

Adding Files.com in Auth0 via OpenID Connect

After logging in to your Auth0 account as an administrator, navigate to Applications and click the Create Application button.

Click to select the Regular Web Applications application type, and click the Create button.

Click the Settings tab of the newly created application, and enter the URL https://app.files.com/login_from_oauth?provider=auth0 in the Allowed Callback URLs field.

Click the Save Changes button to apply the change. Next, click the copy icon next to the Client ID to copy it. Keep this browser tab open, as you'll be returning here to copy the Client Secret later.

Adding Auth0 in Files.com via OpenID Connect

In the Add provider form, enter your Auth0 subdomain into the Subdomain field, and paste the Client ID you copied in the previous step into the Client ID field.

Back in Auth0, click the copy icon next to the Client Secret to copy it, and paste it into the Client secret field in Files.com. Lastly, click the Save button to apply the change.

The Auth0 SSO method will now be available when assigning an authentication method for a user in Files.com, and the Sign in with Auth0 button will be displayed on your site's login page.

Adding Files.com in Auth0 via SAML

After logging in to your Auth0 account as an administrator, navigate to Dashboard -> Applications -> Applications and select Create Application.

Select the option for Regular Web Application, give the application a name, and click Create.

Next, navigate to Addons and enable the SAML2 Web Application toggle. Navigate to Addon: SAML2 Web App -> Settings, enter https://app.files.com/saml/consume for the Application Callback URL, and scroll to the bottom of this window to press Enable.

Next, navigate to Addon: SAML2 Web App -> Usage, and click to download the Identity Provider Metadata. You will use this file to connect to your Files.com site.

Adding Auth0 in Files.com via SAML

Select Auth0 as the provider from the SSO providers list.

In the Add provider form, select the Use SAML option. Under Connect to SAML provider via, select Metadata XML file, and upload the Identity Provider Metadata XML file you downloaded from Auth0.

Lastly, click the Save button to apply the change.

The Auth0 SSO method will now be available when assigning an authentication method for a user in Files.com, and the Sign in with Auth0 button will be displayed on your site's login page.

Keep at least one site administrator on password authentication rather than assigning all administrators to SSO. This prevents being locked out of Files.com in the event of an IdP or SSO outage.

Provisioning Users Automatically

Just In Time (JIT) provisioning creates a user record on Files.com on the user's first successful login. It is the default when no other provisioning is configured. JIT can create users, but it cannot delete or disable them.

IdP-Initiated Single Sign On (SSO)

The typical SSO login flow on Files.com starts when the user navigates to your Files.com site and clicks a button to be redirected to Auth0. This is the most secure flow and the one we recommend.

In some application or enterprise scenarios, the SSO flow starts at Auth0 (the identity provider, or "IdP") instead. For example, you might set up an Auth0-based portal that lets users navigate to Files.com from there.

IdP-Initiated flows carry a security risk and are not recommended, but they are supported. Make sure you understand the risks before enabling IdP-Initiated SSO. Auth0 has a guide for setting up IdP-Initiated SSO.

First, ensure your connection between Auth0 and Files.com is set up as SAML as opposed to OpenID Connect. Then, follow the directions in the Auth0 guide and select SAML as the Response Protocol for the connection.