We have a pretty large set of users that currently log in using Username-Password authentication.
We recently added an Okta Workforce connection and a lot of the existing users also exist, with the same email, in Okta Workforce.
Is it possible to link the Auth0 account to the Okta Workforce account?
I have enabled and tried using the Auth0 Account Link extension but I don’t see any extra dialog that occurs during sign in on our SPA.
Additionally, I have enabled the Okta Workforce connection for the SPA but I cannot log in using Okta Workforce credentials - only the existing Auth0 Username-Password will work.
Thank you for that solution. I will look at implementing it.
Couple of follow up questions:
When an Okta Workforce connection is enabled for an SPA, does that SPA try both the Auth0 Username-Password authentication AND the Okta Workforce authentication flows? Or is it just one authentication flow and if that succeeds, the other connection is not attempted?
If a user already has an email that is associated with an Auth0 Username-Password based account, then I would need to manually ask the user to log into Okta so I know they also have an Okta account, or is there some API from Okta (like the Auth0 Management API) that would let me find that information during a login attempt?
When an Okta Workforce connection is enabled for an SPA, does that SPA try both the Auth0 Username-Password authentication AND the Okta Workforce authentication flows? Or is it just one authentication flow and if that succeeds, the other connection is not attempted?
Basically, depending on how you set up the connection, you would have 2 approaches:
The enterprise connection can be set up either as a button or using HRD (Home Realm Discovery). If the connection is set up as a button, the user would need to click on it and authentication will be performed (using the Okta Workforce connection) and the database connection will be ignored.
If HRD is set up on the connection, whenever a user tries to authenticate using a domain inside the HRD list, they will be redirected to the respective IdP using the created connection (Okta Workforce) and the database connection will be ignored.
If a user already has an email that is associated with an Auth0 Username-Password based account, then I would need to manually ask the user to log into Okta so I know they also have an Okta account, or is there some API from Okta (like the Auth0 Management API) that would let me find that information during a login attempt?
You should be able to perform an API request using an action or within your application in order to retrieve a user to see if they also have an identity there. Otherwise, for you to link these accounts, they must have authenticated through the Okta Workforce connection.
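
The check described in the last reply, as an added example that is not part of the thread and not Auth0's own code: given the connection used for the login and the result of a users-by-email lookup, it decides whether the Okta Workforce identity can be linked to the existing database account, and refuses when either email is unverified. The connection names, the `planLink` function and the sample profiles are assumptions constructed for illustration.

```javascript
// Added example: pure decision logic, no network calls. Names are assumptions.
const DB_CONNECTION = "Username-Password-Authentication"; // assumed name
const OKTA_CONNECTION = "okta-workforce";                 // assumed name

// loginConnection: connection used for this login.
// current: profile of the user who just logged in.
// sameEmailUsers: result of a users-by-email lookup for current.email.
function planLink(loginConnection, current, sameEmailUsers) {
  // Only a completed Okta Workforce login proves control of that identity.
  if (loginConnection !== OKTA_CONNECTION) return { link: false, reason: "not-okta-login" };
  if (current.identities.some((i) => i.connection === DB_CONNECTION))
    return { link: false, reason: "already-linked" };
  // A matching but unverified email says nothing about who owns the account.
  if (!current.email_verified) return { link: false, reason: "okta-email-unverified" };

  const email = current.email.toLowerCase();
  const candidates = sameEmailUsers.filter((u) =>
    u.user_id !== current.user_id &&
    (u.email || "").toLowerCase() === email &&
    u.identities.some((i) => i.connection === DB_CONNECTION));
  if (candidates.length === 0) return { link: false, reason: "no-database-account" };
  if (candidates.length > 1) return { link: false, reason: "ambiguous" };
  if (!candidates[0].email_verified) return { link: false, reason: "database-email-unverified" };

  const okta = current.identities.find((i) => i.connection === OKTA_CONNECTION);
  return {
    link: true,
    primaryUserId: candidates[0].user_id, // existing account keeps its user_id
    // Body for POST /api/v2/users/{primaryUserId}/identities
    body: { provider: okta.provider, user_id: okta.user_id },
  };
}

// Constructed sample profiles (Management API user shape), not real users.
const SAMPLE_DB_USER = {
  user_id: "auth0|db-111", email: "pat@example.com", email_verified: true,
  identities: [{ provider: "auth0", connection: DB_CONNECTION, user_id: "db-111" }],
};
const SAMPLE_OKTA_USER = {
  user_id: "okta|okta-workforce|00u-222", email: "Pat@example.com", email_verified: true,
  identities: [{ provider: "okta", connection: OKTA_CONNECTION, user_id: "okta-workforce|00u-222" }],
};

console.log(planLink(OKTA_CONNECTION, SAMPLE_OKTA_USER, [SAMPLE_DB_USER, SAMPLE_OKTA_USER]));
```
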