Pritunl supports single sign-on with Auth0. The Auth0 Authorization extension is used to match Auth0 user groups with a Pritunl organization.
Open the Auth0 dashboard and click Applications, then select Create Application. Name the application Pritunl and select Regular Web Applications.
In the application settings set the Application Logo to https://pritunl.com/img/logo.png then set the Allowed Callback URLs to https://auth.pritunl.com/callback/authzero. Once done click Save Changes.
Open the APIs tab in the Auth0 dashboard and select Machine to Machine Applications. Then enable Authorized for Pritunl. In the drop-down menu enable the read:users scope. Once done click Update.
If the Authorization extension already exists, skip the first step to create it. In the Extensions tab of the Auth0 dashboard click All Extensions and select Auth0 Authorization. Then select Install.
Click on the Auth0 Authorization extension to open the extension dashboard. Then in the top right menu click Configuration. At the bottom of the configuration page enable Groups and Roles in the Persistence section. Then at the top click Publish Rule.
Open the Applications section in the Auth0 dashboard and select the Pritunl application. Click Reveal client secret and copy the Client ID and Client Secret.
In the Pritunl management interface open the Settings and set Single Sign-On to Auth0. The Default Single Sign-On Organization will be used if an existing organization does not match one of the user's Auth0 groups. Then enter the Auth0 Sub-Domain. It must be the first portion of the Auth0 domain excluding the Auth0 domain. This domain is shown in the application settings page above. For this example configuration the domain is pritunl. Then copy the Client ID and Client Secret from the step above. Once done click Save.
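The settings chosen in the steps above (Regular Web Application, a single callback URL, only the read:users scope) can be checked for drift with a small offline audit. This is an added example, not Pritunl or Auth0 code; it assumes the client and client-grant objects have been exported as JSON with the Auth0 Management API field names client_id, app_type, callbacks and scope, and the function name and sample data are constructed for illustration.

```python
# Added example: offline audit of the Auth0 settings from the steps above.
EXPECTED_CALLBACK = "https://auth.pritunl.com/callback/authzero"
REQUIRED_SCOPES = {"read:users"}


def audit_pritunl_app(client, grants):
    """Return findings for a client object and the tenant's client grants."""
    findings = []
    if client.get("app_type") != "regular_web":
        findings.append("app_type is not regular_web")
    callbacks = client.get("callbacks") or []
    if EXPECTED_CALLBACK not in callbacks:
        findings.append("Pritunl callback URL is missing")
    for url in callbacks:
        if url != EXPECTED_CALLBACK:
            kind = "wildcard" if "*" in url else "unexpected"
            findings.append(f"{kind} callback URL: {url}")
    # Collect every scope granted to this client, then compare with read:users.
    granted = set()
    for grant in grants:
        if grant.get("client_id") == client.get("client_id"):
            granted.update(grant.get("scope") or [])
    findings += [f"missing scope: {s}" for s in sorted(REQUIRED_SCOPES - granted)]
    findings += [f"excess scope: {s}" for s in sorted(granted - REQUIRED_SCOPES)]
    return findings


# Constructed sample data (not real tenant output).
GOOD_CLIENT = {"client_id": "CONSTRUCTED_ID", "name": "Pritunl",
               "app_type": "regular_web", "callbacks": [EXPECTED_CALLBACK]}
GOOD_GRANTS = [{"client_id": "CONSTRUCTED_ID", "scope": ["read:users"]}]
DRIFTED_CLIENT = dict(GOOD_CLIENT,
                      callbacks=[EXPECTED_CALLBACK, "https://*.example.com/callback"])
DRIFTED_GRANTS = [{"client_id": "CONSTRUCTED_ID",
                   "scope": ["read:users", "update:users"]}]

if __name__ == "__main__":
    for label, c, g in (("good", GOOD_CLIENT, GOOD_GRANTS),
                        ("drifted", DRIFTED_CLIENT, DRIFTED_GRANTS)):
        print(label, audit_pritunl_app(c, g) or "no findings")
```

An empty result means the application matches the configuration described here; any finding points to a callback URL or scope that was added beyond what Pritunl needs.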