Overview
This article clarifies whether a user can be made a member of multiple Organizations for a single login event when using auto-membership (Just in time membership).
Applies To
- Organizations
- Auto-membership
Solution
Currently it is not possible to automatically make a user a member in multiple Organizations for a single login event.
If more than one Organization has the same connection set to use auto-membership, when using no prompt or prompt for credentials login flows, the tenant doesn’t know which Organization the user should be made a member of.
Therefore, sending an Organization ID in the /authorize request is needed. Please see the documents below for more details.
As only one Organization can be logged into at a time, the user would need to log in again using the other Organization. This can be achieved by passing the relevant org_id as an “organization” parameter in the /authorize request to force them to be logged in against the other Organization, which also has the same connection with auto-membership enabled. Or they could be invited/added directly as a member of the other organization via the tenant dashboard / Management API.
As the user already has a session with Auth0 on the relevant connection, they shouldn’t be prompted for credentials again in the second login flow.