Set up an OpenID Connect (OIDC) provider for federated login
The emnify Portal supports federated login using OpenID Connect (OIDC). Unlike Microsoft Active Directory and Google Cloud Platform, which have out-of-the-box integrations, OIDC is a bring-your-own identity provider (IdP) option. This means you can use any OIDC-compliant IdP, for example Auth0, Okta, or Keycloak.
This guide uses Auth0 as an example. Configuration details may vary across providers, but the required information is the same.
Prerequisites
- Auth0 account with permission to create and manage applications
- Access to your Auth0 tenant dashboard
- An emnify account using the same email address as your Auth0 login
Federated login requires that your emnify Portal email matches the email used in Auth0. Verify your email in User Settings.
If you need access with a different email, add another user with the Administrator role under Workspace settings > Users.
Step 1: Create an application
Log in to the Auth0 Dashboard.
Copy the Client ID and Client Secret from Settings > Basic Information. You’ll need them later.
Step 2: Configure application settings
Add redirect and logout URLs
In your application’s Settings tab, find the Application URIs section.
Under Allowed Callback URLs, add the following URL:
Under Allowed Logout URLs, add the same URL:
Enable the required grant types
In the Settings tab, find the Authorization Requests section, then:
Finally, click Save at the bottom of the page.
Changes may take up to 30 seconds to take effect.
Keep Advanced Settings open. You’ll copy endpoint values in the next step.
Step 3: Configure SSO in the emnify Portal
Go to Workspace settings (building icon) in the top-level navigation and click Single Sign-On (SSO).
If you need SSO enabled for your account, contact emnify support. Otherwise, click Add under the OIDC SSO provider.
You must verify the provider before federated login becomes active.
For common setup issues, see the Troubleshooting page.