AnastasiaG.62765 (Customer) asked a question.
SCIM integration with Auth0 using the OAuth2 Authorization Code grant flow
Hello,
We are trying to set up a SCIM integration between Okta and Auth0, with OAuth2 Authorization Code grant flow as the authentication mode.
For SCIM, these are the only parameters that Okta accepts to set up the OAuth2 Authorization Code flow with a 3rd party provider:
- Access token endpoint URI
- Authorization endpoint URI
- Client ID
- Client Secret
However, Auth0 expects that an audience parameter is also added to the initial /authorize request, otherwise, the call to the /token endpoint returns an access token with an empty payload. Is there a way that we can add extra parameters, like the audience, to the /authorize request?
Are you trying to provision Workforce users from Otka to Auth0 so that those users can use apps configured for Auth0 that are perhaps more public facing? If so, perhaps you can configure an Org2Org app for the relationship between Okta (Workforce) and Auth0 (Public). My organization has set up Org2Org between 2 Okta tenants for a similar need. Maybe Org2Org can be used for Okta to Auth0 integration.
You might want to see if there are any connectors published in the Okta app catalog. There is one vendor "Aquera" we have been talking to that has Okta SCIM connectors for lots of endpoints (Relias, Kronos, etc). These connectors allow you to configure SCIM provisioning in Okta and then the connector transform the data to the endpoint. They told us if they don't have an endpoint we want they can create it in a matter of a couple weeks.
I'm interested in SCIM provisioning for OIDC apps so if you have any links that talk about this that you've used for your Okta to Auth0 attempt I would be interested if you would not mind sharing.
Good luck!