Problem statement
The following configuration is in place:
- Enable username and password login via Auth0 DB
- Enable SSO enterprise connection Azure AD
- Enable both connections for an application
- Enable identifier first
When a user stored in the database connection tries to log into the application by entering the password and clicking “continue”, the user is redirected to the Azure login page. The user should be prompted to enter the password instead.
Cause
The domain of the user’s email is the same as the “Microsoft Azure AD Domain” configured in the Microsoft Azure connection.
Solution
This is how the feature works under the current design. The user's email domain is compared with the identity provider domains. If there is a match, the user is redirected to the identity provider. If there is no match, the user is prompted to enter their password. This is also detailed in the UI.
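The following added example (not Auth0's code) models the routing rule described above and lists which database users would be redirected to the identity provider instead of seeing the password prompt. The connection name, domains and user emails are constructed sample data, the function names are hypothetical, and the case-insensitive exact domain comparison is an assumption.

```python
# Added example: a model of the identifier-first routing rule described above.
# Connection names, domains and users are constructed sample data; the
# case-insensitive exact match on the domain is an assumption.

def email_domain(email):
    """Return the lower-cased domain part of an email, or None if malformed."""
    local, sep, domain = email.strip().rpartition("@")
    if not sep or not local or not domain:
        return None
    return domain.lower()


def route_login(email, enterprise_domains):
    """Decide the next step after the identifier is submitted.

    enterprise_domains maps connection name -> set of identity provider domains.
    Returns ("redirect", connection) on a domain match, else ("password", None).
    """
    domain = email_domain(email)
    if domain is not None:
        for connection, domains in enterprise_domains.items():
            if domain in {d.lower() for d in domains}:
                return ("redirect", connection)
    return ("password", None)


def shadowed_db_users(db_user_emails, enterprise_domains):
    """List database users who are sent to an identity provider
    instead of being prompted for their database password."""
    hits = []
    for email in db_user_emails:
        action, connection = route_login(email, enterprise_domains)
        if action == "redirect":
            hits.append((email, connection))
    return hits


# Constructed sample configuration and database users.
ENTERPRISE_DOMAINS = {"azure-ad-example": {"example.com"}}
DB_USERS = ["alice@example.com", "bob@Example.COM",
            "carol@partner.example", "not-an-email"]

if __name__ == "__main__":
    for email, connection in shadowed_db_users(DB_USERS, ENTERPRISE_DOMAINS):
        print(f"{email}: redirected to {connection}, no password prompt")
```

Running a check like this against an export of database users before enabling identifier first shows which accounts will lose the password prompt.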