# Interfacing with Auth0 SAML IdP
# Create SAML IdP in Auth0
Please check the Auth0 documentation: https://auth0.com/docs/protocols/saml/saml-idp-generic
# Create SAML2 Identity Federation Connection
Go to Application Console > Connect Identity Source > Corporate Identity Source. In the Connect SAML IdP area below, click "Connect SAML IdP".
In the drawer that pops up on the right, enter a connection identifier to uniquely identify this connection. For the display name, enter Auth0, and for the Logo link, enter: https://cdn.authing.cn/docs/badge.png
In the IdP login URL field, enter the Auth0 IdP login address, which looks like https://YOUR_DOMAIN/samlp/CLIENT_ID
The Auth0 IdP logout URL looks like https://YOUR_DOMAIN/samlp/CLIENT_ID/logout
In the verification certificate field, paste the content of the SAML2 IdP certificate downloaded from Auth0.
Download SAML2 IdP certificate from Auth0
Leave other options as default.
Click "Save".
# Fill in the ACS address of Authing SAML2 identity federation connection in Auth0
In Applications > Application List Entry > Addons > SAML2 WEB APP > Allowed Callback URL, fill in the AssertionConsumeURL of the Authing SAML2 identity federation connection: https://core.authing.cn/api/v2/connection/saml/
Click "Save" below.
# Use SAML2 Identity Federation
In Control Panel > Applications > Application List, select any application and click "Experience".
On the login authentication page, you can see the SAML2 identity federation connection button just created, click it.
In the pop-up window, log in from the external SAML2 IdP:
After the login succeeds, a success prompt will pop up:
After that, the browser is redirected to the callback address configured for the application, carrying the authorization code (code) and other information.
You can exchange the code for the user's access_token and user information. For details, please refer to Use code to exchange token.