Configuring Auth0 for Simplelists SAML2 Authentication

Authenticate to Simplelists with Auth0 and SAML2

The following provides instructions for setting up Auth0 to work with Simplelists.

Log in to the Auth0 Admin Dashboard

  1. Log on to your Auth0 Admin Console
  2. Click Applications under the Application menu
  3. Click Create Application

Create Application

  1. Enter a Name
  2. Select Regular Web Application
  3. Click Create
  4. Click Skip Integration

Configure Application

  1. Click Addons
  2. Click toggle for SAML2 Web App

Settings

From the Configuration Parameters you obtain the Metadata and Certificate.

You can download the following to use with Simplelists:

  1. Identity Provider Metadata Download
  2. Identity Provider Certificate: Download Auth0 certificate
  3. Configure the Settings
  4. Click Settings

Configure

  1. Enter the Application Callback URL for Simplelists (Reply URL)
  2. The settings are commented out; uncomment the required settings

The following are the minimum settings:

NOTE: The signingCert value has to be formatted as a single line with embedded newlines. This is rather painful. The easiest method is to open the certificate in vi (vim) and run the following command:

%s/\n/\\n/g

This replaces every real newline with the two characters “\n”, which are interpreted as a newline. The extra “\” escapes the “\” in “\n”.

{
    "audience": "https://www.simplelists.com/app/saml/xml",
    "mappings": {
        "email": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
        "given_name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname",
        "family_name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"
    },
    "nameIdentifierProbes": [
        "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
    ],
    "nameIdentifierFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
    "signatureAlgorithm": "rsa-sha256",
    "digestAlgorithm": "sha256",
    "signResponse": true,
    "signingCert": "-----BEGIN CERTIFICATE-----\nMIIFHTCCAwWgAwIBAgIUGk5H4xYoRMa1Jtx4dwZs0UyGjP4wDQYJKoZIhvcNAQEL\nBQAwHjEcMBoGA1UEAwwTZGV2LnNpbXBsZWxpc3RzLmNvbTAeFw0yMzA0MDUxNDM5\nNTlaFw0zMzA0MDIxNDM5NTlaMB4xHDAaBgNVBAMME2Rldi5zaW1wbGVsaXN0cy5j\nb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDSkUIXBXV30SFI3Fst\nVIu5pFl6OYcInXX47mUkhu+1QbU0AyqjL1fFgL/Bw7JceABsPsA/iLo+87+lCkEA\nUzP7tG19kSRRYO8ZYUv/QIr7HuqGiOTnI0+B+TAA2xBPVCfxpQ0fwR1gwoFM4V2Z\naj1EQZo/HcTTj849U8dMX4+2b7VU7eMX2KEIDLocybZczTLvQVPtvdKsGsTYjLC5\nXexn38nVTe5PDoypFtvCDHl0iVHmrT0w2NtPhKIRrwdbQkCb6UT33GW95tQFTOpj\nMv1n/nAVN4pbiojpWWmxz7sAPqFyWe/cd564F4k5+/gQUO5nLc6PPoe0CFdUyZWk\naOCXoiesjPti1M680ITnZZHAQH0YqvSJRG77tn3eKIp24fPWKl+uMP8FEnaqBLi5\nsTba0TrX1LHO+9Z7ygwNT6ns528V8QQPFLFkOuqTSew42cJi91XKq4c5rqoer6Fk\nd+PJTMmMyYk+zpmkIiXS0J1fJXgRJEBHKd9/jPGNZ+IR4Z7Urbg9X5qRe3TO97ty\nuaH1dKM+95235YPrSgZMIz42valUvk/MPFDxzfLm/pMAONgoC0dZOUt6wiM2w8C4\nksbd4/mnJqC4xRfeipKlx+8RncExiy0cq/yGdr25Yu51bQABovcgURsg0u1s7KK8\njMig3E8zChtVCpwtiH33TCHYlQIDAQABo1MwUTAdBgNVHQ4EFgQUYxya0wNzMOu+\n7gXlQLnsmhjPlV8wHwYDVR0jBBgwFoAUYxya0wNzMOu+7gXlQLnsmhjPlV8wDwYD\nVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEABjK8CS5nUfs0REZ+vD3X\nFKldm+dYdqWcq5WmR3yslSFUcgR6b8uvfJf0bKkpqX15jNn6y31G0LHzVozd04ds\nyy5j5T45LXvlFP7xWpmE6RswH8AzlfqdPNHGVZPUU6jw2iJX2v7+PpxKHE6zAvnK\nme7/el9aT2XAXjre24iEBmK7v2V3Er/2JkRMwHNgV1o8pw/ma19DtW6hEeqiL50w\nf3ObDsiMFel2qnew2ylToGGEr6ocid+zK9l7tBEKMOHZozbHuL5qqwtwbMkMHWCq\nFc/1yZJo+u68cp/YvRzu98MzatvA3iiOShD63jWw4kKH8W/AQQnSqnuH8M32yUb+\nC7+qgI2nbWAI9oUAJc45fqyHXSaAolvaIG6EYHNmTcxk0rV/T9Q1ZkD6hsnxnT8A\nk/546MBIeA6DLUaMHuEv3pdxiQ1an7FsA9d5Ks4Exq+WuGres0H3BgtLul31gDOt\nAwzIOJwr+9OjxiguqJjobzayydvM8TUb/Y++Ll1xLLuv6gP4e5u5ed0ty3RzqT1z\nOHiSg4cSKEBIugcUgsKBiksjm6iO0vzlPciOEIEYl1Ocq9KkJkFBw0cdjakGGmSW\nhjqYANYCtcKs80qF4VjvyKzKx1Q/M8Rqkidh9cz4LVUBaWdqqGY6eHyKeqcb9U3X\nweyztkNjtcSi8WD2XEtEeUQ=\n-----END CERTIFICATE-----\n"
}
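
As an alternative to the vim substitution in the NOTE above, the following Python sketch (an added example, not part of the original instructions and not Auth0 or Simplelists code) turns a downloaded PEM certificate into the single-line signingCert value, including files saved with CRLF line endings, and returns the SHA-256 of the decoded certificate bytes so the pasted value can be compared with the downloaded file. The function names are assumptions, and the sample input is a constructed stand-in, not a real certificate.

```python
import base64
import hashlib
import json
import re

PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S
)


def pem_to_signing_cert(pem_text):
    """Return (json_literal, sha256_hex) for exactly one PEM certificate.

    json_literal is the quoted single-line value to paste after
    "signingCert": in the SAML2 Web App addon settings.
    """
    blocks = PEM_RE.findall(pem_text)
    if len(blocks) != 1:
        raise ValueError(f"expected exactly one certificate, found {len(blocks)}")
    # Drop CR, LF and stray spaces so CRLF downloads are handled too.
    body = "".join(blocks[0].split())
    der = base64.b64decode(body, validate=True)  # raises on non-base64 input
    lines = [body[i:i + 64] for i in range(0, len(body), 64)]
    pem = "\n".join(["-----BEGIN CERTIFICATE-----", *lines,
                     "-----END CERTIFICATE-----", ""])
    # json.dumps writes each real newline as the two characters \n.
    return json.dumps(pem), hashlib.sha256(der).hexdigest()


def build_sample_pem():
    """Constructed stand-in with CRLF endings; not a real certificate."""
    body = base64.b64encode(bytes(range(120))).decode()
    lines = [body[i:i + 64] for i in range(0, len(body), 64)]
    return "\r\n".join(["-----BEGIN CERTIFICATE-----", *lines,
                        "-----END CERTIFICATE-----"]) + "\r\n"


if __name__ == "__main__":
    literal, fingerprint = pem_to_signing_cert(build_sample_pem())
    print('"signingCert":', literal)
    print("SHA-256 of DER:", fingerprint)
```

To use it on a real certificate, pass the text of the file downloaded from the Configuration Parameters to pem_to_signing_cert.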

User Settings for Name

Auth0 does not have a User form to enter name details.  Add the following to the user’s settings to access the Surname and Given Name:

  1. Select User Management
  2. Select Users
  3. Select the user
  4. Scroll down to the Metadata and App Metadata
  5. Add the following to both the Metadata and App Metadata:
    {
      "family_name": "Smith",
      "given_name": "John"
    }
    
  6. Click Save

Testing Login

At this point you should have successfully configured basic SAML2 authentication.

  1. Open the Simplelists web page (https://www.simplelists.com)
  2. Click Login
  3. Enter your Auth0-enabled email address and click submit.

If everything is correctly configured you will be presented with the Auth0 login page.

  1. Enter the email address that you have enabled for Ping in Simplelists
  2. Enter your password
  3. Click Sign On

You should be logged in to the Simplelists web page as your user.