In my company, we have 3 tenants, one for each environment (dev, stage, prod). The auth URL for the tenants are like https://mycompany-dev.eu.auth0.com , etc. We just discovered that we can send password grant requests to https://mycompany-prod.eu.auth0.com , with a client ID from the dev tenant. H…

Auth0 client can authenticate to another tenant??

ieuan.jenkins June 3, 2020, 12:31pm 2

Sounds like the same issue we’ve encountered here:

1 Like

Topic		Replies	Views
Auth0 not respecting multi-tenancy Help jwt , api , multi-tenant	3	3365	March 24, 2020
Logs in multi tenant application Help jwt , auth0 , hooks	0	1418	December 27, 2022
Safety of multi-tenant app and authorization Help jwt , id_token , multi-tenant	1	3261	August 6, 2019
Ability to grant access to our server environment from a partner Help sso , application	6	638	October 12, 2023
Using Auth0 as Social Login for another Auth0 account Help auth0 , social-provider	6	3526	April 22, 2022