Is there any setup with Lock that I could do where I default the connection to “enterprise-okta-saml-connection” anytime the value entered is NOT an email address and default it to the basic database connection if an email address is entered instead?
Basically I’m looking to implement the same exact flow as described in the connectionResolver config option docs but where the resolved connection is an enterprise connection instead of a database connection. Since connectionResolver can only resolve database connections, does anyone have an alternative here?
FYI, I went down the exact same path as you. Finally I thought, “well, the enterprise connection actually could be converted to a database and I could import those users via script every so often.”
What did that leave me with? Two database connections, one using email and the other using username. I set the default connection to be the one with a username. Upon testing, when I entered an email and tried to submit it wiped out the email address and gave me a validation error. If I then re-enter the email address and authenticate, it works.
The point is, if you go down the path I did, be warned it could be problematic. It might be a setup issue, but I ripped out everything but the basic config plus connection resolver with the same issue.
Definitely don’t take this as definitive, but I don’t believe there is a way to do what @straumgard is trying to do, at least not at this time. I’d suggest submitting a feature request to be able to use connectionResolver, or something equivalent, with enterprise connections.