Gateway Authentication when IdP is failing

We are looking to use our SSO IdP (Auth0) that we use for our customer-facing Perspective project as our authentication for the gateway as well.

Setting it up to authenticate was fairly simple. However, I have one question.

When Auth0 is down/inaccessible, how would we be able to log in to the gateway during that time? Can we set some sort of failover? I only see a failover option for User Source, not IdP.

No. IdPs themselves cannot do failover. Ignition's built-in IdP gives the appearance of failover support because it delegates to a user source, and that user source can do failover.

I recommend you not use any non-local IdP for gateway configuration auth.


Had a client do this with Azure AD. They forgot to renew the token. No one could log into the client or the designer/web configuration. Had to go into the console and do a password reset to get them back in to set up the new token and get it running again. They were freaking out and didn't know why until we looked at the logs after we got back in.