Azure AD enterprise connection through URL only

Hello,

I’m having some trouble. We have a single page application that users from a number of different organisations can log into.

We have successfully implemented an enterprise connection with Azure AD for one of those organisations. By design, this connection won’t allow users from other organisations to log in using it. Due to this, we want to remove the button from the universal login page so that people from other organisations don’t click it.

However we would like the organisation who enabled it to be able to use the enterprise connection.

So my question is - Is there a single URL that we could give that organisation so that they could use it from their internal system to log into our application using Azure-AD?

Maybe something like the URL below which we are taken to if we click the Azure AD button when it is included in the universal login?

https://login.microsoftonline.com/EXAMPLE_ORG.onmicrosoft.com/oauth2/authorize?resource=https%3A%2F%2Fgraph.windows.net&response_type=code&client_id=c1****-46****3-b2ee-29*****96b9&redirect_uri=https%3A%2F%2Fbl*****on.eu.auth0.com%2Flogin%2Fcallback&scope=openid&state=oQDydpjcP1Z***0lhVRLFmcm88-

Any help is greatly appreciated.

All the best,
Simon

Hello, @simonmullaney - welcome to the Auth0 Community!

Yes! We totally support your scenario.

You know how you have to build a call to the /authorize endpoint in order to display your Universal Login Page? Well. Luckily, the /authorize endpoint supports the use of the connection parameter, which takes the name of the connection in order to use that for authentication. And, if it’s a federated connection (as in the case of Azure AD), it redirects to the connection automatically, bypassing the Universal Login Page. For example, if my Azure AD connection is called my-internal-waad, I would have to add the connection=my-internal-waad parameter.

Bear in mind, however, that this will force the user accessing that link to use the connection that you are specifying. There is no way to ‘go back’ and select another connection, or use a Database connection with username and password for Auth0. Once you use the parameter, you must log in with the specified connection.

Let me know if this helps!
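
A sketch of how an application could use the `connection` parameter described in the answer above. It is an added example, not code from the thread or from Auth0. It generalises slightly: the organisation gets a link to the app carrying a short hint, and the app builds the /authorize request itself so that `state` and the PKCE challenge are fresh for each login. The domain, client ID, redirect URI, the `idp` link parameter and the `org-a` hint are assumptions; `my-internal-waad` is the example connection name from the answer.

```javascript
// Added example. Domain, client ID, redirect URI, the "idp" link parameter and
// the "org-a" hint are placeholders; "my-internal-waad" is the answer's example name.
const AUTH0 = {
  domain: 'login.example.com',
  clientId: 'YOUR_CLIENT_ID',
  redirectUri: 'https://app.example.com/callback',
};

// Link hints map to connection names through an allowlist, so a crafted link
// cannot steer the login to an arbitrary connection.
const CONNECTION_HINTS = new Map([['org-a', 'my-internal-waad']]);

function connectionFromLink(href) {
  const hint = new URL(href).searchParams.get('idp');
  return CONNECTION_HINTS.get(hint) ?? null;
}

// Fresh per-login state; the app stores it and compares it on the callback.
function newState() {
  const bytes = globalThis.crypto.getRandomValues(new Uint8Array(16));
  return Array.from(bytes, (b) => b.toString(16).padStart(2, '0')).join('');
}

// codeChallenge is the PKCE S256 challenge the caller derived from its verifier.
function buildAuthorizeUrl(cfg, { state, codeChallenge, connection }) {
  const url = new URL(`https://${cfg.domain}/authorize`);
  const params = {
    response_type: 'code',
    client_id: cfg.clientId,
    redirect_uri: cfg.redirectUri,
    scope: 'openid profile email',
    state,
    code_challenge: codeChallenge,
    code_challenge_method: 'S256',
  };
  for (const [k, v] of Object.entries(params)) url.searchParams.set(k, v);
  // Only a federated connection named here skips the Universal Login Page.
  if (connection) url.searchParams.set('connection', connection);
  return url.toString();
}

function loginUrlForLink(href, codeChallenge, state = newState()) {
  const connection = connectionFromLink(href);
  return buildAuthorizeUrl(AUTH0, { state, codeChallenge, connection });
}
```

With this in place the organisation would be given a link such as `https://app.example.com/?idp=org-a` (constructed), while a link without a recognised hint produces a request with no `connection` parameter and lands on the Universal Login Page as usual.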