Hello,
I am new to Auth0 and here is my scenario.
In my case, Auth0 is a central IdP that forwards users to other IdPs for login based on certain criteria (e.g. email).
To implement this scenario, I use OpenID Connect with Enterprise.
Basically, everything works as expected except for one thing.
I receive information as a claim from the IdP where the user logs in. Unfortunately, I can only read this information to a limited extent in the mapping part of Enterprise for OIDC.
I would like to read from the claim of the other IdP whether it contains a specific group. If the group exists, I would like to set a customClaim.
Example:
- user wants to log in and enters an e-mail address. (UI from Auth0)
- using this e-mail address, he is forwarded to another IdP and can log in.
- as soon as he has successfully authenticated himself, I want to be able to read the claims from the other IdP and react to them.
How can I implement this scenario?
I have already tried exports.onExecutePostLogin. But here I do not receive any information about the claims of the other IdP.
Then I asked myself if exports.onExecuteCredentialsExchange could be the right way. Here I can read and set claims.
I hope you can help me.