I’ve currently got a requirement for users to login using MFA via the auth0 API. We’ve got built in authentication in our app so I’d be using a custom db login script to authenticate the user via our app first before we can proceed with MFA and auth0.
This setup is working fine with a static hostname but the problem is we’ve got a multi-tenant setup at our end meaning that users would come from different domains. My question therefore is, how can I route the authentication to the correct application via the login script? i.e example.acme.com, anotherexample.acme.com
One thing I’ve read about is using auth0-forwarded-for in the header and then using the IP’s which will be perfect however, I’m not sure how to access that header value once the request hits the login script from my application. Any ideas?