--- title: "Auth0" slug: "auth-identity-provider" tags: ["Premium", "Enterprise"] updated: 2026-04-07T09:05:19Z published: 2026-04-07T09:05:19Z canonical: "support.perimeter81.com/auth-identity-provider" stale: true --- > ## Documentation Index > Fetch the complete documentation index at: https://support.perimeter81.com/llms.txt > Use this file to discover all available pages before exploring further. # Auth0 ## Introduction This article outlines the steps to configure Auth0 as an identity provider. By integrating with Auth0, Check Point SASE can authenticate users seamlessly, leveraging the capabilities of the Security Assertion Markup Language (SAML) protocol. ## Steps 1. Open the [Auth0 Administrator Console](https://manage.auth0.com/dashboard). 2. Select **Applications** in the main navigation panel. 3. Select the **+ Create Application** on the upper side of the screen. ![360010981140ScreenShot2020-04-14at210533.png](https://cdn.document360.io/44667c0c-50d7-412a-acbd-20d4a41c952e/Images/Documentation/360010981140ScreenShot2020-04-14at210533.png) 4. Add Check Point SASE as the name of your Application. 5. Select the "**Regular Web Application** " type, and click on **Create.** **![360010981180ScreenShot2020-04-14at210806.png](https://cdn.document360.io/44667c0c-50d7-412a-acbd-20d4a41c952e/Images/Documentation/360010981180ScreenShot2020-04-14at210806.png)** 6. Navigate to "**Addons** " and turn on the "**SAML2 Web App** " toggle. ![360010981800ScreenShot2020-04-14at211150.png](https://cdn.document360.io/44667c0c-50d7-412a-acbd-20d4a41c952e/Images/Documentation/360010981800ScreenShot2020-04-14at211150.png) 7. In the Addon: **SAML2 Web App window:** - **Application Callback URL**: - For US based platform - [https://auth.perimeter81.com/login/callback?connection={{WORKSPACE}}-oc](https://auth.perimeter81.com/login/callback?connection=%3Cspan%20ng-non-bindable%3E%3C/span%3E-oc) - For EU based platform - [https://auth.eu.sase.checkpoint.com/login/callback?connection={{WORKSPACE}}-oc](https://auth.eu.sase.checkpoint.com/login/callback?connection={{WORKSPACE}}-oc) - For AU based platform - [https://auth.au.sase.checkpoint.com/login/callback?connection={{WORKSPACE}}-oc](https://auth.au.sase.checkpoint.com/login/callback?connection={{WORKSPACE}}-oc) - For IN based platform - [https://auth.in.sase.checkpoint.com/login/callback?connection={{WORKSPACE}}-oc](https://auth.in.sase.checkpoint.com/login/callback?connection={{WORKSPACE}}-oc) - **Settings:** Copy the following configuration: US based platform: ``` `{ "audience": "urn:auth0:perimeter81: **{{WORKSPACE}}**  -oc", "mappings": { "email": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", "given_name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname", "family_name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname", "groups": "http://schemas.xmlsoap.org/claims/Group" } }` ``` EU based platform: ```none `{ "audience": "urn:auth0:eu-sase-checkpoint: **{{WORKSPACE}}** -oc", "mappings": { "email": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", "given_name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname", "family_name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname", "groups": "http://schemas.xmlsoap.org/claims/Group" } }` ``` AU based platform: ```none `{ "audience": "urn:auth0:au-sase-checkpoint: **{{WORKSPACE}}**     -oc", "mappings": { "email": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", "given_name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname", "family_name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname", "groups": "http://schemas.xmlsoap.org/claims/Group" } }` ``` IN based platform: ```none `{ "audience": "urn:auth0:in-sase-checkpoint: **{{WORKSPACE}}**     -oc", "mappings": { "email": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", "given_name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname", "family_name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname", "groups": "http://schemas.xmlsoap.org/claims/Group" } }` ``` ***Hint:** Remember to replace the {{WORKSPACE}} with your actual tenant name* ![360010981620ScreenShot2020-04-14at220317.png](https://cdn.document360.io/44667c0c-50d7-412a-acbd-20d4a41c952e/Images/Documentation/360010981620ScreenShot2020-04-14at220317.png) 8. Click **Enable** to save and activate the Application. 9. Click on **Debug** and verify your configuration. 10. Navigate to **Usage.** 11. Click on **Download Auth0 certificate.** 12. Write down the **Identity Provider Login URL.** **![360010983659ScreenShot2020-04-14at212746.png](https://cdn.document360.io/44667c0c-50d7-412a-acbd-20d4a41c952e/Images/Documentation/360010983659ScreenShot2020-04-14at212746.png)** ## Configuring Auth0 in the Management Platform At this point, you will configure the integration from the Check Point SASE side. 1. Log in to your Check Point SASE Management Platform, and navigate to **Settings** and then **Identity****Providers**. ![360008600859addprovider11.png](https://cdn.document360.io/44667c0c-50d7-412a-acbd-20d4a41c952e/Images/Documentation/360008600859addprovider11.png) 2. Select **+ Add Provider.** 3. Choose **SAML 2.0 Identity Providers.** 4. Sign In URL: **Identity Provider Login URL** 5. Add your organization domain. 6. Open the **Auth0 certificate** file and paste its content into the **X509 Signing Certificate** box. ![](https://cdn.document360.io/44667c0c-50d7-412a-acbd-20d4a41c952e/Images/Documentation/add%20SAML.png) 7. Select **Done**. ## Recommendations - When creating an application in Auth0, ensure you select the "Regular Web Application" type. - Always replace placeholders like {{WORKSPACE}} with the appropriate values during configuration. - Ensure that the correct mappings are set up in the Auth0 SSO application for accurate user authentication and authorization. - Periodically review your Auth0 configuration settings to ensure they align with any updates or changes made within the Check Point SASE platform ## Troubleshooting If you encounter issues during or after the setup, try reviewing your settings to ensure everything matches the instructions. In particular, check the IP addresses and other details you entered during setup. If issues persist, please consult our dedicated support. ## Support Contacts If you have any difficulties or questions, don't hesitate to contact Check Point SASE's support team. We offer 24/7 chat support on our website at [sase.checkpoint.com](https://sase.checkpoint.com/), or you can email us at sase-support@checkpoint.com. We're here to assist you and ensure your VPN tunnel setup is a success