This is a Jitsu.Classic documentation. For the lastest version, please visit docs.jitsu.com. Read about differences here.

πŸ“œ Configuration

Configuration UI

πŸ‘©β€πŸ”¬ Extending Jitsu

Overview
Destination Extensions
Source Extensions
API Specs

Jitsu Internals

Jitsu Server

Auth0 SSO

Introduced in version 1.43.4

Read more about Auth0

Prerequisites

Jitsu supports authentication with any identity provider that provides user email field.
Some providers may not provide email field by default.
In this case you need to enable email field for specific provider in Authentication section of Auth0 dashboard.

ui.base_url must be configured in configurator.yaml

Configuring Auth0 Application

Auth0 application must be of Regular Web Application type.

It is necessary to set following settings in 'Application URIs' section of an Auth0 application Settings:

  • Allowed Login URI – ${configurator_base_url}
  • Allowed Callback URLs β€” ${configurator_base_url}/api/v1/sso-auth-callback
  • Allowed Web Origins β€” ${configurator_base_url}

where ${configurator_base_url} is a public URL of Jitsu Configurator backend, e.g.: https://jitsu.example.com

Configuring Jitsu

  • provider β€” SSO provider: auth0
  • auto_provision.enable β€” Enables user auto provision after SSO authorization if user does not exist in system
  • auto_provision.auto_onboarding β€” Enable this for skipping onboarding step for new users
  • auth0.domain β€” Auth0 tenant domain. Can be obtained from Application settings in Auth0 dashboard
  • auth0.client_id β€” Application Client ID. Can be obtained from Application settings in Auth0 dashboard
  • auth0.client_secret β€” Application Client Secret. Can be obtained from Application settings in Auth0 dashboard
  • auth0.allow_unverified_email β€” Allow login for users with unverified email. Default value is false
  • access_token_ttl_seconds β€” time to live for SSO auth session.

configurator.yaml:

ui:
  #Public URL of the Configurator UI
  base_url: 'https://jitsu.example.com'
    
sso:
  provider: 'auth0'
  auto_provision:
    enable: true
    auto_onboarding: true
  auth0:
    domain: 'dev-12345678.us.auth0.com'
    client_id: '___auth0_app_client_id___'
    client_secret: '___auth0_app_client_secret___'
  access_token_ttl_seconds: 86400,

or you can configure it with env variable JITSU_SSO_CONFIG:

export JITSU_SSO_CONFIG='{"provider": "auth0", "auth0":{"domain": "dev-12345678.us.auth0.com", "client_id": "___auth0_app_client_id___", "client_secret": "___auth0_app_client_secret___"}, "access_token_ttl_seconds": 86400, "auto_provision": {"enable": true, "auto_onboarding": true}}'
export UI_BASE_URL='https://jitsu.example.com'

After you have configured the SSO auth, the "Continue with SSO" button will appear on the authorization page.