Auth0

This section explains how to integrate Auth0 as a SAML identity provider with LogScale. It covers creating an Auth0 application, configuring SAML settings, managing user accounts, and testing the integration. Auth0 provides a cloud-based identity platform that allows for centralized user management and authentication for LogScale users.

LogScale allows for the integration of many applications. If you want to integrate Auth0 into LogScale, you can do so by creating an application (i.e., an app) in Auth0. To do this, you have to use Auth0's dashboard. This is used to authenticate and authorize the app.

Prerequisites for Auth0 configuration

Prior to performing the steps below, make sure that you have an Auth0 account.

Create an app in Auth0

Log in to the Auth0 dashboard page:

  1. In the Auth0 dashboard, go to Applications and click Applications.

    Screenshot of the Auth0 dashboard showing the Applications section, where users can navigate to set up new applications for SAML integration with LogScale.

    Figure 84. Auth0 Dashboard Applications Section


  2. Click Create Application. Name the app and select Native. Click Create.

    Screenshot showing the "Create Application" dialog in Auth0 where users enter the application name and select the "Native" application type before clicking the Create button.

    Figure 85. Creating a New Auth0 Application


  3. After you have created the app, make sure you are in the app you created before continuing. Click the Addonscreate tab.

    Screenshot of the Auth0 application configuration page with the Addons tab highlighted, where users can access the SAML 2.0 integration option.

    Figure 86. Auth0 Application Addons Tab


  4. An option to enable SAML2 appears. Make sure that is enabled.

    Screenshot showing option to enable the SAML 2.0 integration option in the Auth0 addons section, which needs to be enabled for LogScale SAML authentication.

    Figure 87. Enabling SAML 2.0 in Auth0


    When you click to enable it, the SAML details appear.

    Screenshot showing the SAML 2.0 integration details in the Auth0 addons section.

    Figure 88. Enabling SAML 2.0 in Auth0


  5. Click Settings and set the Callback URL to http://$YOUR_LOGSCALE_URL/api/v1/saml/acs. Once you enter the callback URL, be sure to scroll to the bottom and select enabled, otherwise it will not be enabled.

    Screenshot of the Auth0 SAML settings page where users configure the callback URL to http://$YOUR_LOGSCALE_URL/api/v1/saml/acs, which needs to be enabled by scrolling to the bottom and clicking the enable button.

    Figure 89. Configuring SAML Settings and Callback URL


  6. Click Usage and copy the Identity Provider Login URL and Issuer and paste them into a text editor to use later.

    Screenshot of the Auth0 Usage section showing where to copy the Identity Provider Login URL, which will be needed for configuring LogScale to connect with Auth0.

    Figure 90. Accessing the Identity Provider Login URL


  7. Click the Identity Provider Certificate to download it. Save this in a certs directory where your native app is running.

Now you must set up users in Auth0. To do this:

  1. Go to the Auth0 dashboard and click User Management then select Users.

    Screenshot showing how to navigate to the User Management section in the Auth0 dashboard, which is used to create and manage users who will authenticate to LogScale.

    Figure 91. Accessing User Management in Auth0


  2. Click Create User. Select the Username-Password-Authentication Connection Type. Enter the user details and click Create.

    Screenshot of the Auth0 Users section showing the "Create User" button that is used to add new users who will have access to LogScale through SAML authentication.

    Figure 92. Creating a New User in Auth0


At this point, Auth0 is configured to work with LogScale. If you want to use groups to manage user authorizations, proceed to Create an Auth0 app with groups configuration (optional). Otherwise, the next step is to configure LogScale to work with your Auth0 app.

Create an Auth0 app with groups configuration (optional)

If you plan to use groups to manage user authorizations between Auth0 and LogScale, you can configure this in Auth0 so that single sign-on is managed seamlessly for users.

Prior to doing the groups configuration, make sure that you have created users as described in Create Auth0 users.

To utilize groups with Auth0, add the Authorization Extension:

  1. Click Extensions in the sidebar and type Authorization in the search box. When the Auth0 Authorization application appears, click to install the application.

    Screenshot showing the Auth0 Extensions page with the Authorization extension being searched for and installed. This extension enables group management functionality for SAML integration with LogScale.

    Figure 93. Installing the Auth0 Authorization Extension


  2. Click Groups. If it prompts you to configure the Auth0Extension, go to this list and then come back here to finish setting up the group.

    Screenshot showing the Groups section within the Auth0 Authorization extension, where administrators can create and manage user groups for LogScale access control.

    Figure 94. Accessing the Groups Section in Auth0


  3. Click Create Group and enter the Name and Description of the group.

    Screenshot of the group creation form in Auth0, where administrators enter a name and description for a new user group that will be used for access control in LogScale.

    Figure 95. Creating a New Group in Auth0


  4. Click the group name and click Add Members to add users to the group.

    Screenshot showing the group management interface in Auth0 with the "Add Members" button, which allows administrators to assign users to groups for LogScale access control.

    Figure 96. Adding Members to an Auth0 Group


The next part of the process is to configure the authorization extension so it passes the group in the authorization data. To do that:

  1. Click on your name, then click Configuration.

    Screenshot showing how to access the Configuration settings for the Auth0 Authorization extension by clicking on the user name and selecting Configuration from the dropdown menu.

    Figure 97. Accessing Authorization Extension Configuration


  2. Configure the extension as shown in the figure. Click Publish rule after making the changes.

    Screenshot of the Authorization Extension configuration page where administrators set up rules for group mapping and click the "Publish rule" button to enable group information to be included in SAML assertions sent to LogScale.

    Figure 98. Publishing Authorization Extension Rules


Remember to set up group mapping in LogScale so that the group name from Auth0 matches the external group mapping name in LogScale. For more information, see Group Synchronization.

Configure LogScale for Auth0

After you have prepared Auth0 for integrating with LogScale, you need to configure LogScale.

To configure Auth0 to work with LogScale, you must set the configuration variables as described in Configure SAML for LogScale Self-Hosted using the details that you saved and downloaded earlier.

Test the Auth0 integration setup

Once all of the necessary steps to set up the Auth0 authentication for LogScale are completed, you need to test the setup.

  1. Go to a Terminal and start LogScale with the following command:

    shell
    ./run.sh

    Allow two to three minutes for LogScale to start.

  2. Connect to localhost in a browser. It should redirect you to an Auth0 login.

  3. Sign into your Auth0. You should be taken to LogScale.