Hi @nir1,
Thank you for your response and for taking the time to clarify the whole scenario.
In this case, what you have observed is to be expected. Since you have disabled automatic membership but are forcing users to log in through an organization, they will encounter an unauthorized error for not being a part of the organization.
I don’t think it makes much sense for the user to login into an organization that they are never allowed to join.
With that said, could you please clarify if you intend to allow the end-users to log in to your app without an organization?
If this is the case, you will need to exclude the organization parameter in the /authorize request. This will enable your end-users to log in to your app using a social connection while not being a part of any organization.
Please let me know if you require further clarification or have any questions.
Thank you.