Add organization support for Resource Owner Password flow

Feature:
Allow passing the organization parameter during the ROP flow.

Description:
I have read the current limitations around organizations. Whilst this makes sense for the Client Credentials flow it really doesn’t make sense for the ROP flow. After all, we’re authenticating a user, who could quite well be part of more than 1 organization.

Use-case:
I have a client whose business structure is made up of multiple sub organizations.
Whilst some users are only members of 1 sub organization, other users are members of multiple sub orgs and hold different roles under each.
We need to use the ROP because we cannot handle redirects and all code is executed in trusted environments.

Thanks for adding this feature request @dparker!

+1 for this request.
We use the ROP in some automated tests and therefore had to mock some organization-data. I think this feature would solve some ugly workarounds for us.

not sure, but maybe this topic is related :thinking:
Generate access tokens for organization members (automated testing) - Auth0 Community

1 Like

I have a similar issue where I want to grant API access but need to verify Organization Members Roles. It could be different for each Organization and potential nonexistent for other Organizations they are a member of.

1 Like

Thanks for the feedback @max.fraser and welcome to the Auth0 Community!

+1 - Super surprised that customers using organizations don’t have a way to generate org-scoped tokens for testing.

How are people testing their applications today? Is the only alternative trying to spin up some mechanism to use a headless browser to login?