Auth0

The Auth0 integration enables biometric passwordless authentication via SAML 2.0, redirecting users to scan a QR code and verify with the 1Kosmos mobile app.

Integration type: API

Overview

This setup uses a one-click integration in AdminX that automatically generates the SAML SP configuration inside Auth0. Before initiating the one-click step, the Auth0 application must be configured as a Regular Web Application with the Client Credentials grant type enabled, and the application must be authorized as a Machine to Machine app with the create:connections permission on the Auth0 Management API.

The credentials passed during the one-click setup are one-time use only and are not stored by 1Kosmos. Auth0 admin credentials should be rotated after setup is complete.


Prerequisites

  • Active 1Kosmos tenant: Administrator access to the AdminX portal. Contact 1kosmos.com/contact if your tenant is not yet provisioned.

  • Auth0 administrator access: Admin rights to the Auth0 portal, including the ability to configure applications and API permissions.

  • Auth0 application configured correctly: The target application must be set to type Regular Web Application with Client Credentials grant type enabled under Advanced Settings → Grant Types.

  • Management API permission: The application must be enabled as a Machine to Machine app under Applications → APIs → Auth0 Management API, with the create:connections permission granted.

  • 1Kosmos mobile app installed: Users must have the app on iOS or Android with biometrics enrolled before testing.


Configuration values

Values to collect from Auth0 before beginning the AdminX setup:

  • Auth0 Domain URL: Found in Auth0 → Applications → [your app] → Settings

  • Auth0 Client ID: Found in Auth0 → Applications → [your app] → Settings

  • Auth0 Client Secret: Found in Auth0 → Applications → [your app] → Settings

Integration steps

Step 1: Configure the Auth0 application

  • Log in to Auth0 and navigate to Applications.

  • Select the application you are integrating.

  • In the Settings tab, copy and save the Domain URL, Client ID, and Client Secret.

  • Scroll to Application Properties and confirm the Application Type is set to Regular Web Application.

  • Expand Advanced Settings, click the Grant Types tab, and confirm Client Credentials is selected.

  • Click Save Changes.

Step 2: Authorize the Management API

  • In Auth0, navigate to Applications → APIs → Auth0 Management API → Machine to Machine Applications.

  • Locate your application and click Enable.

  • In the Permissions section, search for create:connections, select the checkbox, and click Update.

Step 3: Run the one-click integration in AdminX

  • Log in to the 1Kosmos AdminX portal and navigate to Applications → Add Application.

  • In the Add new applications screen, locate the Auth0 SAML option under Pre-built integrations and click Add integration.

  • Enter the following values:

      • Application Name: Your chosen name for this Auth0 application

      • Auth0 Domain: Your saved Auth0 Domain URL

      • Auth0 Client ID: Your saved Auth0 Client ID

      • Auth0 Client Secret: Your saved Auth0 Client Secret

  • Click Connect. AdminX will automatically generate the SAML SP configuration inside Auth0.

  • Rotate your Auth0 admin credentials after this step; they are transmitted once and not stored.

Step 4: Test the integration

  • In your browser, navigate to your organization's Auth0 domain URL. You will be redirected to the AdminX portal login screen displaying a QR code.

  • Open the 1Kosmos mobile app, tap Scan QR, scan the code, select Allow only while using the app when prompted for location access, and complete biometric authentication.

  • Confirm you are logged into Auth0 after successful authentication.

  • Test with a single user before enabling for the full organization.

Integration notes

The one-click flow uses the Auth0 Management API to create the SAML connection automatically. If the connection step fails, confirm that the create:connections permission is correctly assigned to the Machine to Machine application and that the Client Credentials grant type is active.
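The checks named above can be run before clicking Connect. The following is an added example, not 1Kosmos or Auth0 code: it inspects an exported client object and its client grants and reports which prerequisite is missing. It assumes the input uses the Auth0 Management API field names (app_type, grant_types, audience, scope); the function names and all sample values are constructed for illustration.

```python
REQUIRED_SCOPE = "create:connections"  # the permission this page requires


def mgmt_audience(domain):
    """Management API identifier for a tenant domain, with or without a scheme."""
    host = domain.strip().split("://")[-1].rstrip("/")
    return "https://" + host + "/api/v2/"


def preflight(domain, client, grants):
    """Return a list of findings; an empty list means the prerequisites are met."""
    findings = []
    if client.get("app_type") != "regular_web":
        findings.append("app_type is %r, expected 'regular_web'" % client.get("app_type"))
    if "client_credentials" not in client.get("grant_types", []):
        findings.append("Client Credentials grant type is not enabled")
    audience = mgmt_audience(domain)
    grant = next((g for g in grants if g.get("client_id") == client.get("client_id")
                  and g.get("audience") == audience), None)
    if grant is None:
        findings.append("application is not authorized for the Auth0 Management API")
        return findings
    scopes = set(grant.get("scope", []))
    if REQUIRED_SCOPE not in scopes:
        findings.append("Management API grant lacks " + REQUIRED_SCOPE)
    # Added least-privilege check (an assumption of this example, not a page requirement)
    extra = sorted(scopes - {REQUIRED_SCOPE})
    if extra:
        findings.append("extra Management API scopes: " + ", ".join(extra))
    return findings


# Constructed sample data: one misconfigured application, one correct one.
DOMAIN = "https://example-tenant.us.auth0.com"
API = "https://example-tenant.us.auth0.com/api/v2/"
BAD_CLIENT = {"client_id": "CONSTRUCTED_ID_1", "app_type": "spa",
              "grant_types": ["authorization_code", "refresh_token"]}
BAD_GRANTS = [{"client_id": "CONSTRUCTED_ID_1", "audience": API,
               "scope": ["read:users", "delete:connections"]}]
GOOD_CLIENT = {"client_id": "CONSTRUCTED_ID_2", "app_type": "regular_web",
               "grant_types": ["authorization_code", "client_credentials"]}
GOOD_GRANTS = [{"client_id": "CONSTRUCTED_ID_2", "audience": API,
                "scope": ["create:connections"]}]

if __name__ == "__main__":
    for finding in preflight(DOMAIN, BAD_CLIENT, BAD_GRANTS):
        print("FAIL:", finding)
    print("correct app findings:", preflight(DOMAIN, GOOD_CLIENT, GOOD_GRANTS))
```

An empty result for the application means the failure lies elsewhere, for example in the values entered in AdminX.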

Auth0 Sandbox instances may require separate configuration; test in the production application type to avoid connection errors.

Transform how you verify and authenticate

Secure onboarding, eliminate passwords, and stop fraud on one platform. Schedule a demo and see it in action.
