Vaadin SSO kit with Auth0

In the docs, Auth0 is not listed as being a supported identity provider. Shouldn’t it still work as it communicates via OAuth2?
If not, is there any way for me to get it to work?

Note: I’m currently at a state where baseUrl/login redirects me to the auth0 login form, which after a login redirects me to the baseUrl, but looking at the console it says: POST http://localhost:8080/?v-r=uidl&v-uiId=0 403

There is nothing stopping you from using any Oauth2 or OIDC Provider out there - Vaadin isn’t involved in it

Yeah I’m using the SSO Kit from the Tool Kits, I guess I misconfigured it then
The docs say

The following identity providers are supported:

Okta

Keycloak

Azure Active Directory

so I wasn’t sure if Auth0 works too

Oh, sorry I haven’t noticed that you are using that product! Technically Auth0 should work out of the box with Vaadin, could be possible that the SSO kit interferes somehow - @nimble-whale do you have some valuable Infos about it?

Alright :slightly_smiling_face: I’ll provide some more infos: having the sso-kit-starter version 1.0-SNAPSHOT installed, set spring security properties (client provider issuer-uri, and client-id/secret). Auto configure of the SSO kit is enabled. Route /login shows the issuer uri which I can click on to login (doesn’t redirect to that uri directly :frowning_with_open_mouth: ), Route /logout shows a “Are you sure to logout” screen with a button which seems to work. But after logging in I can’t access any views and the Console prints the error I posted earlier

Guessing: Auth0 returns roles in a property that isn’t currently mapped by the SSO Kit - like with e.g. keycloak

removing “roles” from the scope didn’t fixed it

Hey @sparkling-tiger! Given the 403 error looks like SSO Kit auto-configuration is not getting applied. Which version of Vaadin and Spring are you using?

springBootVersion=2.7.5
vaadinVersion=23.2.5

Do you see any logs related to the license check? It could be that SSO Kit auto-configuration is skipped if it doesn’t find a license.

Oh yea I do, way up in the server logs. I thought the SSO kit would behave like the Pro Components because I have a Pro subscription in my browser. How can I add the License to the Server?

You can find different approaches on getting the license to the server documented here: https://vaadin.com/docs/latest/configuration/licenses

Then, once you have the license validated, you can enable auto-redirecting on the provider’s login page by setting the vaadin.sso.login-route property as documented here: https://vaadin.com/docs/latest/tools/sso/getting-started/#single-sign-on

So I would need a offline license key right? Server license key is not feasable becasue I’m not in production mode and Online License key is only working in the browser correct?

Correct, you probably already have a license file in your local machine located at ~/.vaadin and you can use it also on the server.

Yea I have. So just add environment variable VAADIN_OFFLINE_KEY with the raw json?

And as you are creator of the kit: I was thinking about already upgrading to Spring Boot 3 and Vaadin 24 as suggested by a blog post. Does the kit need to be upgraded to Spring Boot 3 too or would it probably work?

It’s not ready for Spring Boot 3 because of the servlet API

Oh you are right