Securing a Portal Experience with Auth0

In this topic you will learn how to secure Portal Experiences using Auth0 SSO.

When an experience is secured using SSO, users will be required to authenticate before they can access the experience.

The steps in this topic assume you have created an Auth0 trial account and have confirmed your account through email.

Creating an Access Control Profile

You need to create an Access Control Profile, which will be applied to any experiences you want to secure using SSO.

  1. Log in to Video Cloud Studio.
  2. Open the Gallery module.
  3. Click the settings icon on the home page.
  4. In the left navigation click Access Control Profiles.
  5. Click Create Profile.
  6. Give the profile a Name.
  7. Check the SSO option.

To complete the Access Control Profile, you need some values that will be provided as part of the Auth0 application creation process. After creating a new Auth0 application, you can finish creating this profile.

Creating an Application

Next, you need to create an application that will be secured using Auth0. The application creation process provides the signing certificate and SAML protocol URL, which will be used by the Access Control Profile created in the previous section.

  1. Log in to your Auth0 account.
  2. On the Getting Started page, in the left navigation, click Applications > Applications.
  3. On the Applications page, click + Create Application.
  4. Enter a Name for the application.
  5. Select an application type of Regular Web Applications.
  6. Click Create.
  7. Click the Settings link below the application name.
  8. Confirm that the Token Endpoint Authentication Method is set to Post.
  9. In the Allowed Callback URLs field, add the following URL: https://auth.bcvp0rtal.com/login/callback
  10. At the bottom of the page, expand the Advanced Settings.
  11. Click the Certificates link.
  12. Copy the Signing Certificate to the clipboard.
  13. Return to Gallery and the Access Control Profile you created in the prior section.
  14. Paste the Signing Certificate into the X.509 Certificate field.
  15. Remove the ---BEGIN CERTIFICATE--- and ---END CERTIFICATE--- lines from the X.509 Certificate field.
  16. Return to Auth0.
  17. Click the Endpoints link.
  18. Locate the SAML Protocol URL and copy it to the clipboard.
  19. Return to Gallery and the Access Control Profile you created in the prior section.
  20. Paste the SAML Protocol URL into the SAML 2.0 Endpoint (HTTP) field.
  21. Check the Expose all attributes option at the bottom of the page.
  22. Click Save to save the Access Control Profile.
  23. Return to Auth0.
  24. At the top of the page below the application name, click the Addons link.
  25. Enable the SAML2 WEB APP option.
  26. Click the Settings tab.
  27. In the Application Callback URL field, add the following URL: https://auth.bcvp0rtal.com/login/callback
  28. Scroll to the bottom of the dialog and click Enable.
  29. Close the dialog.

Make sure you save the changes to the application settings.

Creating a User in Auth0

This topic uses a trial account of Auth0. By default, no users are created. You may need to add a user to complete the testing process.

  1. Return to Auth0.
  2. In the left navigation, click User Management > Users.
  3. Click + Create User.
  4. Enter the user info and click Create.

Assign the Access Control Profile to an experience

The last step is to assign the Access Control Profile that was created to the experience(s) you want to secure.

  1. Return to Gallery.
  2. Edit the experience you want to secure.
  3. In the left navigation, click Site Configuration > Access Control.
  4. Select the Access Control Profile that is associated with the Auth0 SSO configuration.
  5. Click Save.
  6. Publish the experience.

When you access the experience, you should be prompted by Auth0 to log in.