--- title: 'Auth0' description: 'Learn how to configure Auth0 as an identity provider for NocoDB.' tags: ['SSO', 'Auth0', 'OIDC'] keywords: ['SSO', 'Auth0', 'OIDC', 'Authentication', 'Identity Provider'] --- :::warning SSO is available under private beta for self hosted enterprise customers. Please reach [**out to us**](https://calendly.com/nocodb) for early access. ::: This article briefs about the steps to configure Auth0 as Identity service provider for NocoDB ### NocoDB, Retrieve `Redirect URL` 1. Go to `Account Settings` 2. Select `Authentication (SSO)` 3. Click on `New Provider` button 4. On the Popup modal, Specify a `Display name` for the provider; note that, this name will be used to display the provider on the login page 5. Retrieve `Redirect URL`; this information will be required to be configured later with the Identity Provider ![OIDC SSO Configuration](/img/v2/account-settings/SSO-1.png) ![OIDC SSO Configuration](/img/v2/account-settings/OIDC-2.png) ![OIDC SSO Configuration](/img/v2/account-settings/OIDC-3.png) ### Auth0, Configure NocoDB as an Application 1. Access your [Auth0 account](https://auth0.com/) - navigate to `Applications` > `Create Application`. 2. In the `Create Application` modal, - choose `Regular Web Application` - click `Create` 3. On Quick start screen, go to `Settings` tab - Copy the `Client ID` and `Client Secret` from the `Basic Information` section. 4. Goto `Application URIs` section - Add the `Redirect URL` copied from step(2) under `Allowed Callback URLs`. - `Save Changes` 5. On the `Settings` tab, go to the `Advanced Settings` section and click on the `Endpoints` tab. - Copy the `OAuth Authorization URL`, `OAuth Token URL`, `OAuth User Info URL` & `JSON Web Key Set URL` ### NocoDB, Configure Auth0 as an Identity Provider 1. In NocoDB, open `Account Settings` > `Authentication` > `OIDC`. On the "Register OIDC Identity Provider" modal, insert the following information: - Insert `Client ID` retrieved in step (5) above as `Client ID` - Insert `Client Secret` retrieved in step (5) above as `Client Secret` - Insert `OAuth Authorization URL` retrieved in step (7) above as `Authorization URL` - Insert `OAuth Token URL` retrieved in step (7) above as `Token URL` - Insert `OAuth User Info URL` retrieved in step (7) above as `Userinfo URL` - Insert `JSON Web Key Set URL` retrieved in step (7) above as `JWK Set URL` - Set `Scope` as `openid` `profile` `email` `offline_access` - In the Username Attribute field, indicate the name of the claim that represents the user's email. The default value is set to "email." For Sign-in's, user should be able to now see `Sign in with ` option. ![SAML SSO Configuration](/img/v2/account-settings/SSO-SignIn.png) :::note Post sign-out, refresh page (for the first time) if you do not see `Sign in with ` option ::: For information about Auth0 API Scopes, refer [here](https://auth0.com/docs/secure/tokens/refresh-tokens)