In this article we will outline setting up Auth0 as a SAML Identity Provider so that we can utilize Telnyx's Single Sign-On feature. GSuite is a collection of business, productivity, collaboration, and education software developed and powered by Google. Suite is a collection of business, productivity, collaboration, and education software developed and powered by Google.It is one of the many SAML providers that Telnyx supports for our SSO feature.
NOTE: If you experience technical difficulties while attempting to set up your GSuite SSO with Telnyx, its possible your provider is experiencing outages/maintenance. You can check the status of GSuite's features at https://www.google.com/appsstatus#hl=en&v=status.
To begin, navigate to your Google GSuite admin portal and click on the Apps icon as shown below.
On the next page click on the Web and mobile apps tile.
You will be brought to the Web & Mobile apps page where you can click the Add Apps drop down menu and select Add custom SAML app.
On the next page, fill in an app name of your choice and click Continue.
In the step 2 section of the Google Identity Provider details page, make note of the values for SSO URL, Entity ID and SHA-256 fingerprint.
Next, navigate to your Organization section of the Telnyx Mission Control Portal and create an Organization if you have not already. Once created, navigate to the Single Sign-On section of the portal and click the green Enable Single Sign-On button.
You will be presented with the following fields:
Fill in the Authentication Provider Name and Short Name with the values you desire. Please note that the Short Name will be part of the SSO URLs.
Select the Manually enter configuration option.
Fill in the IdP Certificate Fingerprint with the SHA-256 fingerprint copied from GSuite.
For IdP Certificate Fingerprint Algorithm, select sha256.
Fill in the IdP Entity ID with the Entity ID copied from GSuite.
Fill in the IdP SSO Target URL with the SSO URL copied from GSuite.
Finally, click on Save Changes. Once the save is complete, you can scroll down to the
"Authentication Provider Generated Config" section and take note of the values for
Assertion Consumer Service URL, Service Provider Entity ID, and
Name Identifier Format.
Going back to Google GSuite, we can click Continue to move on to step 3. You will be presented with the Service provider details page, that should be filled in with the following:
Use the value generated for Assertion Consumer Service URL on the Telnyx Mission Control Portal and paste it in the field ACS URL.
Use the value generated for Service Provider Entity ID on the Telnyx Mission Control Portal and paste it in the field Entity ID.
For the Start URL field, fill in the following URL: https://portal.telnyx.com
For the Name ID format field, select the EMAIL option.
For the Name ID field, select the Basic Information > Primary email option.
Click Continue the bottom, and on the following page click Finish.
When you are ready to enable your SSO configs, navigate back to the Telnyx Mission Control Portal and check the "Enable Single Sign-On" box. Click Save Changes.
Your chosen settings are now in effect! This will send all users in your organization an email informing them that SSO is now enabled. Your users will still be able to login using username/password for the next 72 hours. After that, they will be required to use SSO.