# Configure SSO for your status page with Auth0

In order to enable your team members and/or status page users to authenticate via Auth0 Single Sign-On, follow these steps:

1\. Start by heading to your Statuspal organization's Security tab, enable SAML authentication, and click on **New SSO settings**.

2\. Copy the  **ACS URL** and **Single Logout URL** from your newly created SSO Setting; you'll need them in the next steps.

3\. Head over to Auth0, click on Applications, select Applications, then click on **Create Application**.

4\. In the new modal window, enter Statuspal as the name, select Regular Web Applications, and click on **Create**.

![](https://d33v4339jhl8k0.cloudfront.net/docs/assets/5b7c6e932c7d3a03f89df563/images/63e624c78ae59c3643e3434f/file-cgULksTZLB.png)

5\. Now select the **Addons** tab and click on **SAML2**.

6\. Under the Usage tab, click on the "Identity Provider Metadata: **Download**" link

7\. Open the downloaded metadata text field with a plain text editor, copy its contents, and paste them onto your Statuspal SSO Settings  **IDP metadata** field.

![](https://d33v4339jhl8k0.cloudfront.net/docs/assets/5b7c6e932c7d3a03f89df563/images/63e6279ef5e6e535e1a9688b/file-CU0oC6XzpJ.png)

8\. Back in Auth0, under the Settings tab of your Addon SAML2 modal window, paste your  **ACS URL** from step 2 onto the **Application Callback URL** field.

9\. Now, under the Settings text field, uncomment the following lines of code:

```
// "nameIdentifierProbes": [
//   "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
//   "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
//   "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"
// ],
```

And change them so that the line that ends with "emailaddress" is the first one on the list. It should look like this:

```
 "nameIdentifierProbes": [
   "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
   "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
   "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"
 ],
```

![](https://d33v4339jhl8k0.cloudfront.net/docs/assets/5b7c6e932c7d3a03f89df563/images/63e6269df5e6e535e1a96889/file-pnPc12GSYT.png)

10. Under the same Settings text field, uncomment the following lines:

```
// "logout": {
//   "callback": "http://foo/logout",
//   "slo_enabled": true
// }
```

And replace the placeholder callback with the **Single Logout URL** you copied before. It should look like this:

```
"logout": {
  "callback": "https://statuspal.io/sso/logout",
  "slo_enabled": true
}
```

<figure><img src="https://4061983002-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FgIMm5p2V7PNx3dS7vwKE%2Fuploads%2FnYrzOZm3jnyMmaCUEfld%2FScreen%20Shot%202025-01-06%20at%2015.23.27.png?alt=media&#x26;token=8acd2e22-40ae-4baf-9140-791b023b49a5" alt=""><figcaption></figcaption></figure>

11\. Now scroll down and click on Enable.

12\. Back in your Statuspal SSO setting, to make sure the configuration worked, click on "Test SAML Configuration" and authenticate **with the same email address from your current StatusPal account**. After a successful test, you should see a success message like this:

![](https://d33v4339jhl8k0.cloudfront.net/docs/assets/5b7c6e932c7d3a03f89df563/images/63e62a81cd3e3454f2cdb2e9/file-TlzFSURo9B.png)

12\.  You should now be able to check the Require SSO checkbox to enforce SSO to your team members.