To properly configure SSO in the Brand Control Center, follow these steps:

Note: The current SSO configuration in BCC supports the OAuth/OIDC protocol.

SSO Configuration in BCC

1. Accessing SSO Setup Form in BCC

  • Log in to the BCC to access your brand account.

  • Navigate to Setup Single Sign On (SSO) under Settings.

2. Entering Required Details into BCC form for SSO Setup

  • Go to your Auth0 application (https://manage.auth0.com/) → Settings → Basic information to find the details required for the SSO setup form in BCC.

Primary Details

Step-01: Enter the CTA Display Name (the name displayed on the CTA button for SSO).

Step-02: Get your Client ID (the unique identifier for your application) from the Auth0 application settings and enter it into the SSO setup form in BCC.

Step-03: Get your Client Secret (a string used to sign and validate ID Tokens for authentication flows and to gain access to select Auth0 API endpoints) from the Auth0 application settings and enter it into the SSO setup form in BCC.

Step-04 (optional): Enter the Third Party ID (to integrate third-party services).

  • Do you have an OpenID Connect (OIDC) discovery endpoint configured with your application under Auth0?

Yes, OIDC is configured

—> Yes, OIDC is configured as a discovery endpoint.

1: Set the radio button to “Yes” in BCC.

2: Go to your Auth0 application (https://manage.auth0.com/) → Settings → Advanced Settings → Endpoints → OAuth

3: Get your OpenID Configuration URL (URL used to automatically fetch OpenID Connect configurations) and enter it into the OIDC Discovery Endpoint field of the form in BCC.

Note: You can also add any extra static query params you want after the OpenID Configuration URL.

4 (optional): If your method type is POST and you want to know which of your O&O properties the end user is coming from, you can add the extra body params that you have configured on your end. For example: “source” gives you the hostname the user is coming from, and “os” gives the user's operating system, i.e. Android or iOS.

5: Set up the Scopes (permissions or action levels required during authorization) in the BCC form to grant Genuin access to the user info you want it to have. By default, the required scopes are “openid”, “profile”, “email”.

  • To see the list of permissions that can be set as scopes, copy and paste the OpenID Configuration URL into the browser and check under the “scopes_supported” key.

No, OIDC is not configured

—> No, OIDC is not configured as a discovery

1: Set the radio button to “No”.

2: Go to your Auth0 application (https://manage.auth0.com/) → Settings → Advanced Settings → Endpoints → OAuth

3: Get your OAuth Authorization URL (URL used to authorize the user for access to your application) and enter it into the Authorization Endpoint field of the form in BCC.

Note: You can also add any extra static query params you want after the OAuth Authorization URL. For example: “o2v=2”

Optional: You can add extra Authorization Endpoint Query Params (dynamic params). For example: state

4: Get your OAuth Token URL (URL used to retrieve the authentication token after authorization) and enter it into the form under the Token Endpoint field in BCC.

Note: You can also add any extra static query params you want after the OAuth Token URL.

Optional: You can add extra Token Endpoint Body Params (dynamic params). For example: “callbackurl”

5: Get your OAuth User Info URL (URL used to retrieve the authentication token after authorization) and enter it into the form under the User Info Endpoint field in BCC.

User Info Mapping

1: Go to your Auth0 application (https://manage.auth0.com/) → Settings → Advanced Settings → Endpoints → OAuth

2: Get your OAuth Authorization URL and copy and paste it into the browser. Check under the “claims_supported” key and use its values to fill in the “userid”, “email” and “emailVerified” keys in the BCC form.

  • You can also add multiple key-value pairs for user info mapping. The other keys supported in the BCC SSO Setup form are as follows:
    • Age
    • Bio
    • Birthdate
    • Country code
    • Gender
    • Is mobile verified
    • Mobile

Note: If the key is nested in your user info response, you can enter the “value” as a path, for example “data.data.id” (based on the nested JSON of your user info).
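The checks described above (scopes under “scopes_supported”, claims under “claims_supported”, and a nested mapping value such as “data.data.id”), as an added Python example that is not part of Genuin's or Auth0's documentation or code. The discovery document and user info response are constructed samples, the function names are hypothetical, and the dotted-path lookup and the https check on endpoints are assumptions about how such values would be validated before they are entered in the form.

```python
import json

# Constructed sample discovery document (placeholder tenant, not real data).
DISCOVERY = json.loads("""{
  "authorization_endpoint": "https://tenant.example.invalid/authorize",
  "token_endpoint": "https://tenant.example.invalid/oauth/token",
  "userinfo_endpoint": "https://tenant.example.invalid/userinfo",
  "scopes_supported": ["openid", "profile", "email", "phone"],
  "claims_supported": ["sub", "email", "email_verified", "name"]
}""")
# Constructed user info response with a nested identifier.
USERINFO = json.loads(
    '{"data": {"data": {"id": "u-123"}}, "email": "a@example.invalid", "email_verified": true}'
)
REQUIRED_SCOPES = ["openid", "profile", "email"]  # defaults named on this page
ENDPOINTS = ["authorization_endpoint", "token_endpoint", "userinfo_endpoint"]
# Hypothetical mapping as it would be typed into the form: form key -> value path.
MAPPING = {"userid": "data.data.id", "email": "email", "emailVerified": "email_verified"}


def check_discovery(doc, scopes, claims):
    """List problems to fix before entering values into the form."""
    problems = []
    for key in ENDPOINTS:
        if not str(doc.get(key, "")).startswith("https://"):
            problems.append(f"{key} missing or not https")
    for scope in scopes:
        if scope not in doc.get("scopes_supported", []):
            problems.append(f"scope not supported: {scope}")
    for claim in claims:
        if claim not in doc.get("claims_supported", []):
            problems.append(f"claim not supported: {claim}")
    return problems


def resolve(path, payload):
    """Follow a dotted mapping value such as 'data.data.id'; None if a level is absent."""
    node = payload
    for part in path.split("."):
        if not isinstance(node, dict) or part not in node:
            return None
        node = node[part]
    return node


def apply_mapping(mapping, payload):
    """Resolve each form key; a None value flags a mapping that matches nothing."""
    return {key: resolve(path, payload) for key, path in mapping.items()}
```

A None in the result of apply_mapping means the path typed into the form does not exist in the user info response, which is worth catching before users attempt to sign in.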

Entering Callback URLs

  • Allowed Callback URLs are a list of specific URLs (provided by Genuin) where Auth0 will redirect a user after they successfully authenticate, essentially acting as the designated endpoint for your application to receive the authentication details following a login process.
  • This is necessary so that your application knows how to continue the user on their journey.
  • Go to your Auth0 application (https://manage.auth0.com/) → Settings → Application URLs → Allowed Callback URLs

Enter the URLs as a comma-separated list.

Once the SSO integration is completed in BCC, the Genuin SDK will automatically authenticate users without requiring them to enter credentials again.