Connecting Auth0 (SP) and the ComponentSpace SAML v2.0 for .NET stack

Rory Braybrook
The new control plane
3 min read · Aug 6, 2018

I’ve used ComponentSpace a number of times for various Identity projects and have been impressed by their documentation and their support.

They have examples of connecting to various IDPs. Their developer guide and sample code cover ADFS, Azure AD, Office 365, Okta, Google, Salesforce, WSO2 Identity Server, OneLogin, Ping, Bitium, Centrify and Shibboleth, but I noticed Auth0 was missing.

Hence the post.

Auth0 will be the SP and ComponentSpace will be the IDP.

You need the ComponentSpace SAML stack .NET code with all the examples.

I will use the example code in this post. Normally, you would create your own project and reference the ComponentSpace dll.

The ComponentSpace IDP example code is at:

…/SSO/HighLevelAPI/MVC/MVCExampleIdentityProvider

in the .NET code.

(Note: “Auth0Tenant” below is the name of your Auth0 tenant. One of the nice things about Auth0 is that if you log in to the Auth0 portal, the configuration parameters are pre-configured for you, so you can just copy and paste. You can get the instructions from the “Setup” tab.)

In the ComponentSpace web.config, add the “PartnerSP” entry:

<!-- The partner service provider for SSO. -->
<!-- <add key="PartnerSP" value="http://MvcExampleServiceProvider"/> -->
<add key="PartnerSP" value="urn:auth0:Auth0Tenant:ComponentSpaceIDP"/>

Create a new section in the saml.config:

<PartnerServiceProviders>
  <!-- Auth0 example -->
  <PartnerServiceProvider Name="urn:auth0:Auth0Tenant:ComponentSpaceIDP"
                          Description="Auth0 Service Provider"
                          WantAuthnRequestSigned="true"
                          SignSAMLResponse="true"
                          SignAssertion="false"
                          EncryptAssertion="false"
                          AssertionConsumerServiceUrl="https://Auth0Tenant.au.auth0.com/login/callback?connection=ComponentSpaceIDP"
                          SingleLogoutServiceUrl="http://localhost:51901/SAML/SLOService.aspx"
                          PartnerCertificateFile="Certificates\Auth0Tenant.pem"/>
</PartnerServiceProviders>

The MVC Example Identity Provider is configured to run at:

http://localhost:52801/SAML/SSOService

and the IDP certificate is at:

…\SAMLSuite\SAML v2.0 for .NET\Examples\SSO\HighLevelAPI\MVC\MvcExampleIdentityProvider\Certificates

and is called “idp.cer”.

With these settings, we can then configure Auth0.

This is an Enterprise connection — pick “SAMLP Identity Provider”.

Call the connection “ComponentSpaceIDP”.

We configure the “Sign In URL” and upload the idp.cer certificate file.

Download the Auth0 certificate. It will be a .pem file.

Add this to the certificate directory in the example .NET project.

The directory should look like:

Notice that this corresponds to the entry in the saml.config:

PartnerCertificateFile="Certificates\Auth0Tenant.pem"/>

Ensure you add at least one application in the Auth0 SAMLP “Application” tab, otherwise you will get an error when you test the connection.

That’s it.
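Before testing, the settings above can be cross-checked with a short script. This is an added example, not code from the original post or from ComponentSpace; `lint`, `local` and the sample strings are names chosen here, and the sample input is constructed from the two config fragments shown above, wrapped in minimal root elements.

```python
import xml.etree.ElementTree as ET
from pathlib import Path, PureWindowsPath
from urllib.parse import urlsplit, parse_qs

# Constructed sample: the two fragments from the post, wrapped in minimal roots.
WEB_CONFIG = """<appSettings>
  <add key="PartnerSP" value="urn:auth0:Auth0Tenant:ComponentSpaceIDP"/>
</appSettings>"""
SAML_CONFIG = r"""<PartnerServiceProviders>
  <PartnerServiceProvider Name="urn:auth0:Auth0Tenant:ComponentSpaceIDP"
    WantAuthnRequestSigned="true" SignSAMLResponse="true" SignAssertion="false"
    AssertionConsumerServiceUrl="https://Auth0Tenant.au.auth0.com/login/callback?connection=ComponentSpaceIDP"
    PartnerCertificateFile="Certificates\Auth0Tenant.pem"/>
</PartnerServiceProviders>"""

def local(tag):
    """Strip any XML namespace so the check also works on namespaced config files."""
    return tag.rsplit("}", 1)[-1]

def lint(web_config_xml, saml_config_xml, app_dir):
    """Return a list of findings; an empty list means the settings line up."""
    findings = []
    partner_sp = next((e.get("value") for e in ET.fromstring(web_config_xml).iter()
                       if local(e.tag) == "add" and e.get("key") == "PartnerSP"), None)
    sps = {e.get("Name"): e for e in ET.fromstring(saml_config_xml).iter()
           if local(e.tag) == "PartnerServiceProvider"}
    sp = sps.get(partner_sp) if partner_sp else None
    if sp is None:
        return [f"PartnerSP {partner_sp!r} has no PartnerServiceProvider entry"]
    acs = urlsplit(sp.get("AssertionConsumerServiceUrl", ""))
    if acs.scheme != "https":
        findings.append("AssertionConsumerServiceUrl is not https")
    # The entity ID on this page has the form urn:auth0:<tenant>:<connection>.
    if parse_qs(acs.query).get("connection") != [partner_sp.rsplit(":", 1)[-1]]:
        findings.append("ACS connection parameter does not match the entity ID")
    cert = sp.get("PartnerCertificateFile")
    if cert is None:
        if sp.get("WantAuthnRequestSigned") == "true":
            findings.append("WantAuthnRequestSigned is true but no partner certificate is set")
    elif not Path(app_dir, *PureWindowsPath(cert).parts).is_file():
        findings.append(f"PartnerCertificateFile {cert} not found under {app_dir}")
    if "true" not in (sp.get("SignSAMLResponse"), sp.get("SignAssertion")):
        findings.append("neither the SAML response nor the assertion is signed")
    return findings
```

Call `lint` with the contents of web.config and saml.config and the project directory; each finding names the setting to fix before clicking “Try”.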

In Auth0, for the SAML connection, click the “Try” button.

This will take you to the ComponentSpace IDP login screen.

Use password = “password”.

And Auth0 shows the success screen.

All good!
