This guide walks you through setting up Single Sign-On (SSO) on Sana using Auth0 as your service provider.
Create Applications
Click Create Application.
Give your new application a descriptive name.
Choose Regular Web Applications from the following app types:
Click Create.
Enable SAML2 Web App Addon
You can configure a SAML2 Web Application add-on for use with an application.
Identify the application with which you want to use a SAML2 Web Application, and click the Application's name to go to its configuration settings.
Go to the Addons tab.
In the SAML2 Web App box, click the slider to enable the Addon.
Go to the Settings tab and enter your Application Callback URL as well as the Settings.
Application Callback URL: https://example.sana.ai/x-realtime/auth/saml/acs
On the Settings tab, there is a sample object that you can use when determining which settings you want to enable.
"mappings": {
"email": "email",
"given_name": "firstName",
"family_name": "lastName"
}
Click Debug to test if your provided parameters are valid.
Click Save when done.
Provide application details
After saving your settings, go to the Usage tab within the SAML2 addon. Here, you’ll find metadata such as the SAML Login URL, Issuer, and x509 certificate — all required for completing setup on the Sana side.
⚠️ Limitation: Auth0 does not pass first and last name by default
Due to a limitation in Auth0, first name and last name are not included in the default SAML assertion unless user provisioning is implemented.
As a result:
Users logging in via SSO through Auth0 will appear in Sana without a first or last name.
Only authentication is supported through this method.
If you need to sync user profile data like first and last name, user provisioning via SCIM or a similar method must be set up separately.