Auth0

Step 1: Create the application

1. In the Auth0 Dashboard (opens in a new tab), go to Applications > Applications and click Create Application.
2. Give it a name (for example, "Sema4.ai Agents"), choose Regular Web Applications, and click Create.

Regular Web Applications use the authorization code flow by default, which is what Sema4.ai needs.

Step 2: Configure the callback URL

On the application's Settings tab, add this to Allowed Callback URLs, then Save Changes:

https://<YOUR_HOSTNAME>/oidc/login/callback

You don't need to set an Allowed Logout URL.

Step 3: Capture the credentials

From the Settings tab, copy:

• Client ID (your Client ID → oidcClientId).
• Client Secret (your Client Secret → oidcClientSecret).
• Domain — you'll use it to build the Discovery URL in the next step.

Step 4: Get the Discovery URL

Your Discovery URL (→ oidcServer) is your Auth0 domain's OpenID configuration endpoint:

https://<YOUR_AUTH0_DOMAIN>/.well-known/openid-configuration

For example, https://your-tenant.us.auth0.com/.well-known/openid-configuration. See Auth0's OIDC discovery docs (opens in a new tab).

Step 5: Restrict who can sign in (optional)

Auth0 offers several ways to limit who can access the application — enabling only specific connections for this application, using Organizations, or adding an Action that allows only certain users or groups. Configure this to match your Auth0 setup.

Step 6: Finalize

You now have the three values from the table at the top of this page:

• Discovery URL (oidcServer)
• Client ID (oidcClientId)
• Client Secret (oidcClientSecret)

Put these in your deployment's values file when you install the application.