auth0 · avanscoy · Apr 28, 2026 · Apr 22, 2026 · Apr 24, 2026 · Apr 28, 2026
@@ -876,10 +876,10 @@
                         "pages": [
                           "docs/authenticate/enterprise-connections",
                           {
-                            "group": "Self-Service Single Sign-On",
+                            "group": "Self-Service Enterprise Configuration",
                             "pages": [
-                              "docs/authenticate/enterprise-connections/self-service-SSO",
-                              "docs/authenticate/enterprise-connections/self-service-SSO/manage-self-service-sso",
+                              "docs/authenticate/enterprise-connections/self-service-enterprise-config",
+                              "docs/authenticate/enterprise-connections/self-service-enterprise-configuration/manage-self-service-enterprise-config",
                               "docs/authenticate/enterprise-connections/connection-profile",
                               "docs/authenticate/enterprise-connections/user-attribute-profile"
                             ]
@@ -4572,8 +4572,8 @@
                           {
                             "group": "Self-Service Single Sign-On",
                             "pages": [
-                              "docs/fr-ca/authenticate/enterprise-connections/self-service-SSO",
-                              "docs/fr-ca/authenticate/enterprise-connections/self-service-SSO/manage-self-service-sso"
+                              "docs/fr-ca/authenticate/enterprise-connections/self-service-enterprise-config",
+                              "docs/fr-ca/authenticate/enterprise-connections/self-service-enterprise-config/manage-self-service-enterprise-config"
                             ]
                           },
                           "docs/fr-ca/authenticate/enterprise-connections/private-key-jwt-client-auth"
@@ -7858,8 +7858,8 @@
                           {
                             "group": "Self-Service Single Sign-On",
                             "pages": [
-                              "docs/ja-jp/authenticate/enterprise-connections/self-service-SSO",
-                              "docs/ja-jp/authenticate/enterprise-connections/self-service-SSO/manage-self-service-sso"
+                              "docs/ja-jp/authenticate/enterprise-connections/self-service-enterprise-config",
+                              "docs/ja-jp/authenticate/enterprise-connections/self-service-enterprise-config/manage-self-service-enterprise-config"
                             ]
                           },
                           "docs/ja-jp/authenticate/enterprise-connections/private-key-jwt-client-auth"
@@ -12095,7 +12095,7 @@
       "destination": "/docs/get-started/auth0-for-ai-agents"
     },
     {
-      "source": "/docs/authenticate/enterprise-connections/self-service-SSO/user-attribute-profile",
+      "source": "/docs/authenticate/enterprise-connections/self-service-enterprise-config/user-attribute-profile",
       "destination": "/docs/authenticate/enterprise-connections/user-attribute-profile"
     },
     {
@@ -12196,7 +12196,7 @@
     },
     {
       "source": "/docs/authenticate/single-sign-on/self-service-SSO",
-      "destination": "/docs/authenticate/enterprise-connections/self-service-SSO"
+      "destination": "/docs/authenticate/enterprise-connections/self-service-enterprise-config"
     },
     {
       "source": "/docs/quickstart/backend/acul/interactive",

@@ -12,7 +12,7 @@ The Connection Profile (CP) enables Auth0 developers to specify how the private
     An administrator creates a Connection Profile that defines the property values that should be written to the connection whenever they are created using one of Auth0 delegated administration features. 
 
 *   **Flexible Scope**<p></p>
-    Profiles are linked to Self-Service SSO and Okta Express Configuration flows today but are designed for broader reuse, covering provisioning, onboarding, entitlement management, and future Auth0 capabilities.
+    Profiles are linked to Self-Service Enterprise Configuration and Okta Express Configuration flows today but are designed for broader reuse, covering provisioning, onboarding, entitlement management, and future Auth0 capabilities.
 
 ## Connection Profile properties
 A Connection Profile is a `JSON` object that supports these configurable properties, which are applied to all newly created connections.

@@ -1,16 +1,13 @@
 ---
-description: Learn how to use Self-Service Single Sign-On to delegate SSO setup to your B2B customers.
-sidebarTitle: Overview
-title: Self-Service Single Sign-On
+description: Learn how to use Self-Service Enterprise Configuration to delegate SSO setup to your B2B customers.
+sidebarTitle: Self-Service Enterprise Configuration
+title: Self-Service Enterprise Configuration
 validatedOn: 2026-02-19
 ---
-<Warning>
-Provisioning and Domain Verification for Self-Service SSO is in Early Access. By using this feature, you agree to the applicable Free Trial terms in [Okta’s Master Subscription Agreement](https://www.okta.com/legal/). To learn more about Auth0’s product release cycle, read [Product Release Stages](/docs/troubleshoot/product-lifecycle/product-release-stages).
-</Warning>
 
-Self-Service <Tooltip tip="Single Sign-On (SSO): Service that, after a user logs into one application, automatically logs that user into other applications." cta="View Glossary" href="/docs/glossary?term=Single+Sign-On">Single Sign-On</Tooltip> (SSO) provides business-to-business (B2B) customers with the tools needed to delegate SSO setup to their enterprise customers. By delegating this task, you can streamline your onboarding process and grant customers more autonomy over their sign-on experience. You can also reduce the time and costs associated with managing SSO across your customer base.
+Self-Service Enterprise Configuration provides business-to-business (B2B) customers with the tools needed to delegate SSO setup to their enterprise customers. By delegating this task, you can streamline your onboarding process and grant customers more autonomy over their sign-on experience. You can also reduce the time and costs associated with managing SSO across your customer base.
 
-Self-Service SSO requires minimal configuration in your Auth0 tenant and provides your customers with a setup assistant that guides them through the enablement process. After a customer completes their setup, the SSO integration is automatically added to your tenant as an [Enterprise connection](/docs/authenticate/enterprise-connections).
+Self-Service Enterprise Configuration requires minimal configuration in your Auth0 tenant and provides your customers with a setup assistant that guides them through the enablement process. After a customer completes their setup, the SSO integration is automatically added to your tenant as an [Enterprise connection](/docs/authenticate/enterprise-connections).
 
 <Callout icon="file-lines" color="#0EA5E9" iconType="regular">
 
@@ -21,11 +18,9 @@ Users with the following Dashboard roles can engage with this feature:
 
 </Callout>
 
-To learn more about Auth0’s subscription, read [Manage Subscriptions](/docs/troubleshoot/customer-support/manage-subscriptions). To upgrade your subscriptions, contact your Technical Account Manager or [Auth0 Sales](https://auth0.com/get-started?place=header&type=button&text=talk%20to%20sales).
+**Self-Service Enterprise Configuration supported providers**
 
-**Supported Providers**
-
-Self-Service SSO currently supports the following <Tooltip tip="Identity Provider (IdP): Service that stores and manages digital identities." cta="View Glossary" href="/docs/glossary?term=identity+providers">identity providers</Tooltip>:
+Single-sign On (SSO) currently supports the following <Tooltip tip="Identity Provider (IdP): Service that stores and manages digital identities." cta="View Glossary" href="/docs/glossary?term=identity+providers">identity providers</Tooltip>:
 
 * Okta Workforce Identity
 * Auth0
@@ -37,24 +32,23 @@ Self-Service SSO currently supports the following <Tooltip tip="Identity Provide
 * Generic OIDC
 * Generic <Tooltip tip="Security Assertion Markup Language (SAML): Standardized protocol allowing two parties to exchange authentication information without a password." cta="View Glossary" href="/docs/glossary?term=SAML">SAML</Tooltip>
 
-Self-Service Provisioning currently supports the following identity providers:
+Provisioning currently supports the following identity providers:
 * Okta Workforce Identity
 * Entra ID
 * Generic OIDC
 * Generic SAML
 
-
 ## How it works
 
-Self-Service SSO uses the following components to delegate setup to your customers:
+Self-Service Enterprise Configuration uses the following components to delegate setup to your customers:
 
-* **Self-service profile**: Defines key elements of customer SSO implementations, such as the identity providers they can use for SSO and which user attributes they must capture, such as email. You can create up to 20 profiles in your tenant for different customers or segments.
+* **Self-service profile**: Defines key elements of customer implementations, such as the identity providers they can use for SSO and which user attributes they must capture, such as email. You can create up to 20 profiles in your tenant for different customers or segments.
 * **Self-service access ticket**: Grants your customers admin access to the self-service assistant and sets specific details for the resulting Enterprise connection. Those customer admins can either create new or modify existing connections.
-* **SSO setup assistant**: Guides your customer admins through the SSO setup process. To learn more about this experience, review the Self-service assistant experience.
+* **Self-service setup assistant**: Guides your customer admins through the SSO setup process. To learn more about this experience, review the Self-service assistant experience.
 
-### Self-Service SSO workflow
+### Self-Service Enterprise Configuration workflow
 
-The steps below provide the general workflow for using Self-Service SSO. These tasks can be completed through either the <Tooltip tip="Management API: A product to allow customers to perform administrative tasks." cta="View Glossary" href="/docs/glossary?term=Management+API">Management API</Tooltip> or the <Tooltip tip="Management API: A product to allow customers to perform administrative tasks." cta="View Glossary" href="/docs/glossary?term=Auth0+Dashboard">Auth0 Dashboard</Tooltip>.
+The steps below provide the general workflow for using Self-Service Enterprise Configuration. These tasks can be completed through either the <Tooltip tip="Management API: A product to allow customers to perform administrative tasks." cta="View Glossary" href="/docs/glossary?term=Management+API">Management API</Tooltip> or the <Tooltip tip="Management API: A product to allow customers to perform administrative tasks." cta="View Glossary" href="/docs/glossary?term=Auth0+Dashboard">Auth0 Dashboard</Tooltip>.
 
 1. You (the Auth0 customer) create a self-service profile in your tenant.
 2. You then create a self-service access ticket associated with that self-service profile. When generating the ticket, you can decide whether your customer admin will create a new connection or modify an existing connection through the self-service assistant.
@@ -66,7 +60,12 @@ The steps below provide the general workflow for using Self-Service SSO. These t
 
 ## Self-service assistant experience
 
-The self-service assistant is a multi-step experience that guides customer admins through configuring SSO and optionally verifying their domain. This experience includes both interactive elements as well as instructions for making the appropriate changes in their selected IdP system.
+The self-service assistant is a multi-step experience that guides customer admins through:
+    * SSO configuration
+    * Domain verification
+    * Provisioning set-up
+
+This experience includes both interactive elements as well as instructions for making the appropriate changes in their selected IdP.
 
 While the exact requirements for configuring SSO vary by IdP, the general workflow for the self-service assistant includes the following:
 
@@ -88,15 +87,15 @@ Depending on how you (the Auth0 customer) configure the access ticket, the exper
 
 | Configuration | Description |
 | --- | --- |
-| Verified Domain Association | Customer admins select and associate existing domains with the new connection without verifying the DNS TXT record if the ticket is scoped to one Organization and the Organization:  <ul><li>Must have the **Allow Use of Domains for Organzation Discovery** option enabled.</li><li>Must have **Domain Verification** set to `Optional` or `Required`.</li></ul> <p></p> The assistant automatically detects previously verified domains for that specific Organization. |
+| Verified Domain Association | Customer admins select and associate existing domains with the new connection without verifying the DNS TXT record if the ticket is scoped to one Organization and the Organization:  <ul><li>Must have the **Allow Use of Domains for Organization Discovery** option enabled.</li><li>Must have **Domain Verification** set to `Optional` or `Required`.</li></ul> <p></p> The assistant automatically detects previously verified domains for that specific Organization. |
 | Domain Verification set to `Required` | Customer admins must successfully verify a new domain via DNS or associate an existing verified domain before they can enable the connection. |
 | Domain Verification set to `Optional` | Customer admin can choose to enter a new domain for verification, associate an existing one, or skip the step. In all cases, the admin can enable the connection regardless of the verification status. |
 | Domain Verification set to `Off` | Custom admins do nothing. This step does not appear to customer admins, and the flow ends after Test SSO. |
 | **Allow Use of Domains for Organization Discovery** is enabled| This option is available when generating a ticket for **one** Enabled Organization. When selected: <ul><li>**New Domains**: Any newly verified domain automatically populate both the Organization’s domain list and the Enterprise Connection's `matching_domains`.</li> <li>**Existing Domains**: Any pre-verified domains (limited to 5) or associated domains sync to both the connection and the Organization record upon completion and enables immediate email-based login for users.</li></ul>|
 
 
 
-To learn more, review [Manage Self-Service SSO](/docs/authenticate/enterprise-connections/self-service-SSO/manage-self-service-sso).
+To learn more, review [Manage Self-Service Enterprise Configuration](/docs/authenticate/enterprise-connections/self-service-enterprise-config/manage-self-service-sso).
 
 ### Example self-service assistant flow
 
@@ -109,42 +108,42 @@ The images below demonstrate an example self-service assistant experience. In th
 
 <Frame>![The first step of the self-service assistant that customer admins use to configure SSO. ](/docs/images/cdy7uua7fh8z/OktaDB-EnterpriseConnections.png)</Frame>
 
-**3. Create Application (truncated)**
+**3. Create application (truncated)**
 
 <Frame>![The second step of the self-service assistant that customer admins use to configure SSO. ](/docs/images/cdy7uua7fh8z/Self-Service-SSO-create-application.png)</Frame>
 
-**4. Configure Connection**
+**4. Configure connection**
 
 <Frame>![The third step of the self-service assistant that customer admins use to configure SSO. ](/docs/images/cdy7uua7fh8z/Self-Service-SSO-configure-connection.png)</Frame>
 
-**5. Claims Mapping**
+**5. Claims mapping**
 
 <Frame>![The fourth step of the self-service assistant that customer admins use to configure SSO. ](/docs/images/cdy7uua7fh8z/Self-Service-SSO-claims-mapping.png)</Frame>
 
-**6. Assign Access**
+**6. Assign access**
 
 <Frame>![The fifth step of the self-service assistant that customer admins use to configure SSO. ](/docs/images/cdy7uua7fh8z/Self-Service-SSO-assign-access.png)</Frame>
 
 **7. Test SSO**
 
 <Frame>![The sixth step of the self-service assistant that customer admins use to configure SSO. ](/docs/images/cdy7uua7fh8z/Self-Service-SSO-Test-SSO.png)</Frame>
 
-**8. Provisioning - Create Application**
+**8. Provisioning - Create application**
 
 <Frame>![Create an application to provision users.](/docs/images/cdy7uua7fh8z/Self-Service-SSO-Provisioning-Create-App.png)</Frame>
 
 **9. Provisioning - Configure SCIM**
 
 <Frame>![Confgure SCIM to provision users to your application.](/docs/images/cdy7uua7fh8z/Self-Service-SSO-Provisioning-configure-scim.png)</Frame>
 
-**10. Provisioning - SCIM Mapping**
+**10. Provisioning - SCIM mapping**
 
 <Frame>![Map user attributes to guarantee attributes are passed from IdP to SP.](/docs/images/cdy7uua7fh8z/Self-Service-SSO-Provisioning-SCIM-mapping.png)</Frame>
 
-**11. Domain Verification**
+**11. Domain verification**
 
 <Frame>![The last step of the self-service assistant that customer admins use to configure SSO. ](/docs/images/cdy7uua7fh8z/Self-Service-SSO-domain-verification.png)</Frame>
 
-## Using Self-Service SSO
+## Using Self-Service Enterprise Configuration
 
-To learn how you can use Self-Service SSO for your customers, review [Manage Self-Service SSO](/docs/authenticate/enterprise-connections/self-service-SSO/manage-self-service-sso). This resource provides technical information for creating self-service profiles and managing access tickets, as well as useful reference information such as rate limits.
+To learn how you can use Self-Service Enterprise Configuration for your customers, review [Manage Self-Service Enterprise Configuration](/docs/authenticate/enterprise-connections/self-service-enterprise-config/manage-self-service-sso). This resource provides technical information for creating self-service profiles and managing access tickets, as well as useful reference information such as rate limits.