Auth0


To add CloudCheckr FinanceManager to your Auth0 applications:

  1. On the Auth0 dashboard, click the Applications menu item, and then the Create application button:
  2. Choose a descriptive name for your application, click the Single Page Web App button, and click the Create button:
  3. On the application overview page, click the Settings tab:
  4. On this page, fill out the following details and click on the Save changes button:
    Field Value
    Allowed Callback URLs CloudCheckr FinanceManager Entity ID / Metadata URL endpoint and CloudCheckr FinanceManager Assertion Consumer Service endpoint
    Allowed Logout URLs CloudCheckr FinanceManager Single Logout Service endpoint
  5. Click on the SAML2 addon button. On the Settings tab, fill out the following details and click the Save button:
    Field Value
    Application callback URL CloudCheckr FinanceManager Entity ID / Metadata URL endpoint
    Settings See below
              {
    "nameIdentifierProbes": [
    "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
    "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
    "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"
    ],
    "logout": {
    "callback": "[FinanceManager Single Logout Service endpoint]"
    },
    "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
    }
    Replace the text[CloudCheckr FinanceManager Single Logout Service endpoint] with the Single Logout Service endpoint of your FinanceManager instance.
  6. Click on the Usage tab.
  7. In a separate browser tab, open the CloudCheckr FinanceManager SAML configuration and copy over the following settings:
    CloudCheckr FinanceManager SAML setting Use value
    Entity ID Issuer
    SSO URL Identity Provider Login URL, suffix with /logout
    X-509 certificate Download the certificate by clicking the Download Auth0 certificate link. Open the .pem file and remove the text—–BEGIN CERTIFICATE—–, —–END CERTIFICATE—– and all line breaks so you end up with a single-line base64 encoded string.
    Advanced settings
    {
    "security": {
    "wantXMLValidation": false
    }
    }
  8. Enable Single Sign-On in CloudCheckr FinanceManager by navigating to Administration > Configuration and then clicking on the System tab. Make sure the Single Sign-On option is set to Enabled, and click the Update button:

    SSO is now configured and enabled, and you can now use Auth0 to login to your CloudCheckr FinanceManager instance. The login screen will look something like this:

    Click Login to/ be taken to the Auth0 login screen. CloudCheckr FinanceManager will receive the Auth0 e-mail address and create a new user in the configured user group if no existing user is found.


How did we do?