Idence

Are you offering access to your platform to the users of your customers or business partners? Then you will know managing this access can be costly, is error-prone, comes with security risks and may even hinder customer experience in case of long processing times. Idence greatly reduces the technical complexity of managing your customer’s users and their access by offering a user-friendly business tool on top of Auth0.

What you should know about Idence

• Delegate access management responsibilities to admin users of your B2B partners and customers so that they can take charge of their own users and become self-sufficient
• No technical or development knowledge is needed to manage your identities and their access to your platforms.
• Out-of-the-box features for access management processes makes it efficient, faster, more reliable and ultimately more cost-effective
• Enhanced customer experience and transparency are the result

This integration provides the ability to enrich your Auth0 login process with the information that is captured in Idence.

Once configured, you will be able to authorize users based on the Idence context. You can grant or deny access in Auth0 or you can propagate this context through claims that you control.

Idence and Auth0 can be integrated in one of two ways:

1. On-the-fly: The Idence API is called from an Auth0 Action so that token enrichment can take place during login.
2. Ahead-of-time: Idence context is streamed to Auth0 when changes are made.

Prerequisites

• An Auth0 account and tenant. Sign up for free.
• An Idence tenant. Have a look at our website and get in touch to get your own tenant.

Option 1: On-the-fly integration

Add the Auth0 Action

Note: Once the Action is successfully deployed, all logins for your tenant will be processed by this integration. Make sure this Action is installed and verified on a test tenant before activating the integration in production.

1. Select Add Integration (at the top of this page).
2. Read the necessary access requirements and click Continue.
3. Configure the integration using the following fields:
   • API Key: Key for calling the Idence API, provided upon tenant creation.
   • Tenant: The name of your Idence tenant, provided upon creation.
4. Click Create to add the integration to your Library.
5. Click the Add to flow link on the pop-up that appears.
6. Drag the Action into the desired location in the flow.
7. Click Apply Changes.

Authorization

After configuring and deploying the Action in your Auth0 tenant, access tokens will be enriched with a custom claim that you can use for authorization purposes. The claim paylod will look like this:

"https://YOUR_IDENCE_TENANT.idence.io/authorization" : {
    "securityPrincipalId": "76d7fecf-2051-4e9e-ba41-a08ad28b92ad",
    "serviceProviderOrganizationId": "76d7fecf-2051-4e9e-ba41-a08ad28b92ad",
    "membershipContext": [{
        "membershipId": "76d7fecf-2051-4e9e-ba41-a08ad28b92ad",
        "organization": {
            "id": "76d7fecf-2051-4e9e-ba41-a08ad28b92ad",
            "name": "AE nv",
            "active": true
        },
        "roles": [{
            "id": "76d7fecf-2051-4e9e-ba41-a08ad28b92ad",
            "name": "Administrator",
            "validUntil": "2022-03-08T20:24:48.100Z"
        }],
        "validUntil": "2022-03-08T20:24:48.100Z"
    }]
}

Option 2: Ahead-of-time integration

For this integration type, Idence will provision the information known about the user in a structured way towards Auth0. This integration can vary depending on your company and will need to be configured in Idence and will be done when provisioning your Idence tenant. Get in touch to get your own tenant.