I have been dealing with an issue where the email domain that is written in my enterprise ADFS home realm discovery is not being recognized. I have triple checked that word for word it is written in my HRD and in the login.
Here’s what I know:
I am using enterprise ADFS SSO
The ADFS connection is enabled with my application
Displaying the connection as a button works, but it won’t pick up on the email domain
The application uses business users - prompt for credentials
The ADFS enterprise is the only enabled connection
Please let me know what I can do. If there is more information I can provide I’d be happy to send it. I have tried a similar forum which said to put the domain in the HRD identity provider list, but I already put the domain there.
Hi,
Thank you for the response!
Unfortunately I already have the Identifier First option selected.
Do you know of any other issues that could be causing it?
I’ve done all of these:
Enterprise connection is enabled for my application
The email domain exactly matches the domain added in the domain field
Enterprise direct login works
Only one connection to the app, no conflicting connections
Authentication Profile is Identifier First
No typos on domain name
No logs show up when trying to put in email
The most likely cause of this issue is a customized Classic Universal Login page. The absence of logs indicates the problem is happening client-side, within the login page’s code, before the email is ever submitted to Auth0’s servers to be processed for Home Realm Discovery (HRD).
In your Auth0 Dashboard, go to Branding > Universal Login.
Scroll down and click on the Manage Classic Login tab.
See which experience is selected: New or Classic.
If you are on “Classic”: This is the likely source of the issue.
Switch to the New Universal Login experience. It is fully managed by Auth0, always up-to-date, and designed to handle flows like Identifier First correctly out of the box. Also go to the Login tab and uncheck Customize Login Page for the New Universal Login experience to take effect.
If you must remain on Classic, go to the Login tab. At the bottom of the HTML editor, click “Reset to Default”. This will restore the template to a known-good state. You can then test HRD again. If it works, you can cautiously re-apply your branding customizations.
If you have any other questions, feel free to reach out!
I made a support ticket and the issue was that I was still using the Business Users login experience and not Individuals. The language was a bit confusing but it seems that Individuals is the way to go for my scenario. Changing that fixed the issue for me. I appreciate the time you took as well.