Auth0 is a single-sign on provider, which makes it easy to manage your SAAS application logins and permissions. Follow this simple guide to get your Auth0 account tied to your PagerDuty account.
You must be the Account Owner of your PagerDuty account in order to make these changes. Additionally, SSO capabilities within PagerDuty are only available on our Standard and Enterprise plans. Please contact our sales team if you are interested in upgrading your plan.
Start in Auth0
- Go to the Apps / APIs section in Auth0, then click New App / API.
- Enter a name for your new PagerDuty app in Auth0 and click Save.
- Log in to your PagerDuty account, go to the Configuration menu and select Account Settings. When you get to the Account Details page, click Single Sign-on on the sidebar to the right.
- Click the SAML radio button to configure Single Sign On in PagerDuty and copy the SAML Endpoint URL to paste into Auth0.
- In the new Auth0 app you created in step 2 above, click the Settings tab, then paste the SAML Endpoint URL you copied in step 4 in to the Allowed Callback URLs text area, and click Show Advanced Settings.
- Scroll down to the Certificates section and click the copy button next to the Signing Certificate.
- In PagerDuty, paste the certificate in the X.509 Certificate field. Leave the page open and return to Auth0.
- In Auth0, scroll down to the Endpoints section and click the SAML tab. Click the copy button for the SAML Protocol URL and click Save Changes.
- In PagerDuty, paste the SAML Protocol URL from Auth0 in the Login URL field.
When you complete the steps in this guide and are done testing, you can return to this page to disable user logins via username and password.
With auto provisioning enabled, you can allow SSO users to create a PagerDuty account without manual intervention, however please keep in mind that adding additional users will affect your billing if you go over the number of users included in your pricing plan.
Click Save Changes when you are done on this page.
- Back in Auth0, click the Addons tab for your app and toggle the SAML 2 Web App add-on so that it is ON.
- A settings dialog will open when you turn SAML 2 Web App on. Replace the JSON in this dialog with the following, changing YOUR-SUBDOMAIN-HERE to the subdomain you use to access PagerDuty:
- Scroll down past the SAML descriptions and click Save.
- Congratulations! You should now be able to login to PagerDuty using Auth0.
Can the account owner log in without SSO if username and password authentication is disabled?
Even with this username and password authentication disabled for users, the Account Owner will always be able to login with their username and password as a backup option should you need to change the SSO configuration or disable it completely.
Why don’t I see the Single Sign-on option when I go to Account Settings?
SSO is only available in accounts on our current Standard or Enterprise plans. Please contact our sales team if you are interested in upgrading your plan.