--- title: Auth0 SSO slug: /deployment/security/auth0 --- # Auth0 SSO Follow the sections in this guide to set up Auth0 SSO. ### Step 1: Create the Account - If you don't have an account, [Sign up](https://auth0.com/signup) to create one. - Select the Account Type, i.e., Company or Personal - Click I need advanced settings and click next. create-account - Provide the Tenant Domain, select the region and click on Create Account. create-account - Once done, you will land on the dashboard page. create-account ### Step 2: Create a New Application - Once you are on the Dashboard page, click on `Applications > Applications` available on the left-hand side panel. create-app - Click on `Create Application`. create-app - Enter the Application name. - Choose an application type and click on `Create`. create-app ### Step 3: Where to Find the Credentials - Navigate to the Settings tab. - You will find your `Client ID`, `Client Secret` and `Domain`. credentials This section will guide to create the Ingestion Bot service account. ### Step 1: Enable Client-Credential - Go to your project dashboard. client - Navigate to `Applications > Applications` client - Select your application from the list. client - Once selected, scroll down until you see the `Application Properties` section. - Change the Token Endpoint `Authentication Method` from `None` to `Basic`. client - Now scroll further down to the section on `Advanced Settings`. - Click on it and select `Grant Types`. - In the `Grant Types`, check the option for `Client Credentials`. client - Once done, click on `Save Changes`. ### Step 2: Authorize the API with our Application. - Navigate to `Applications > APIs` from the left menu. auth - You will see the `Auth0 Management API`. auth - Click on the `Auth0 Management API`. auth - Click on the `Machine to Machine Applications` tab. - You will find your application listed below. auth - Click on the toggle to authorize. - Once done you will find a down arrow, click on it. auth - Select the permissions (scopes) that should be granted to the client. - Click on `Update`. auth After the applying these steps, you can update the configuration of your deployment: Configure Auth0 SSO for your Docker Deployment. Configure Auth0 SSO for your Bare Metal Deployment. Configure Auth0 SSO for your Kubernetes Deployment. ## Configure Ingestion After everything has been set up, you will need to configure your workflows if you are running them via the `metadata` CLI or with any custom scheduler. When setting up the YAML config for the connector, update the `workflowConfig` as follows: ```yaml workflowConfig: openMetadataServerConfig: hostPort: 'http://localhost:8585/api' authProvider: auth0 securityConfig: clientId: '{your_client_id}' secretKey: '{your_client_secret}' domain: '{your_domain}' ```