# Auth0 First, we need to add Exivity to your Auth0 applications. Follow these steps: * On the Auth0 dashboard, click the **Applications** menu item, and then the **Create application** button: ![](/files/-LSKggxNvNWNB_xvBRSS) * Choose a descriptive name for your application, click the **Single Page Web App** button, and finally the **Create** button: ![](/files/-LSKh8uwuR6rDuPhKzz8) * On the application overview page, click the **Settings** tab: ![](/files/-LSRCYmNcf6zdH1zUfUo) * On this page, fill out the following details and click on the **Save changes** button: | Field | Value | | ------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | **Allowed Callback URLs** |

Exivity Entity ID / Metadata URL endpoint (see endpoints) and

Exivity Assertion Consumer Service endpoint (see endpoints)

| | **Allowed Logout URLs** | Exivity *Single Logout Service* endpoint (see [endpoints](/3.5.4/advanced/integrate/sso.md#endpoints)) | ![](/files/-LSKy-sD2RLVNPOgbH6F) * Click on the **SAML2** addon button. On the **Settings** tab, fill out the following details and click the **Save** button: | Field | Value | | ---------------------------- | --------------------------------------------------------------------------------------------------------- | | **Application callback URL** | Exivity *Entity ID / Metadata URL* endpoint (see [endpoints](/3.5.4/advanced/integrate/sso.md#endpoints)) | | **Settings** | See below | ```javascript { "nameIdentifierProbes": [ "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" ], "logout": { "callback": "[Exivity Single Logout Service endpoint]" }, "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" } ``` {% hint style="warning" %} Replace the text`[Exivity Single Logout Service endpoint]` with the *Single Logout Service* endpoint of your Exivity instance (see [endpoints](/3.5.4/advanced/integrate/sso.md#endpoints)) {% endhint %} * Click on the **Usage** tab. ![](/files/-LSKzfJw09keXoxJkKHj) In a separate browser tab, open the Exivity SAML configuration (see [configuration](/3.5.4/advanced/integrate/sso.md#configuration)) and copy over the following settings: | Exivity SAML setting | Use value | | --------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | **Entity ID** | *Issuer* | | **SSO URL** | *Identity Provider Login URL* | | **SLO URL** | *Identity Provider Login URL*, suffix with `/logout` | | **X-509 certificate** |

Download the certificate by clicking the Download Auth0 certificate link.

Open the .pem file with a text editor and remove

the text-----BEGIN CERTIFICATE-----, -----END CERTIFICATE-----

and all line breaks so you end up with a single-line base64 encoded string.

| | **Advanced settings** |

{
"security": {
"wantXMLValidation": false
}
}

| * As the last step, enable Single Sign-On in Exivity by navigating to *Administration* > *Settings* and then clicking on the *System* tab. Make sure the *Single Sign-On* option is set to *Enabled*, and click the *Update* button: ![](https://blobscdn.gitbook.com/v0/b/gitbook-28427.appspot.com/o/assets%2F-LHEKskLK6aXinV75Knl%2F-LHF0G1lYWN8xZtENgii%2F-LHF0U2a-1m4rWCtNzX6%2Fazure-ad-exivity-configuration.png?generation=1531424669531682\&alt=media) SSO is now configured and enabled, and you can now use Auth0 to login to your Exivity instance. The login screen will look something like this: ![](https://blobscdn.gitbook.com/v0/b/gitbook-28427.appspot.com/o/assets%2F-LHEKskLK6aXinV75Knl%2F-LHF0G1lYWN8xZtENgii%2F-LHF0U2cVXgVSEJprLbl%2Fexivity-login-sso.png?generation=1531424668611642\&alt=media) And by clicking on the *Login* button, you'll be taken to the Auth0 login screen. Exivity will receive the Auth0 e-mail address and create a new user in the configured user group (see [configuration](/3.5.4/advanced/integrate/sso.md#configuration)) if no existing user is found. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://olddocs.exivity.io/3.5.4/advanced/integrate/sso/auth0.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.