Enterprise Connections Information with the IdP domains for Home Realm Discovery

Problem statement

We use Auth0.js to create a custom login page for the Classic Universal Login experience and want to implement Home Realm Discovery (HRD). However, all the logic for HRD is built into Lock. So we need to implement it ourselves. Where can we find Enterprise Connections Information with the IdP domains for HRD?

Solution

Lock.js retrieves the connection information from the https://<AUTH0_DOMAIN>/client/<client_id>.js endpoint.

The endpoint returns up to 50 connections and exposes all the IdP domains.

If you are using Auth0.js, you can obtain the list of associations between domains and connections from the above endpoint. Once you have that, make an authorize() request with connection: "<the_connection_name>" in the options (as with social providers).
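
The flow above as an added example, not code from Auth0 or Lock: it parses the endpoint body as data, maps IdP domains to connection names, and calls authorize() with the match. The payload shape (an Auth0.setClient(...) wrapper with strategies[].connections[] carrying domain and domain_aliases), the sample values and the helper names are assumptions; compare them with what your tenant returns.

```javascript
// Constructed sample of the body served at /client/<client_id>.js.
// ASSUMPTION: the Auth0.setClient(...) wrapper and the "domain" /
// "domain_aliases" fields; verify against your own tenant's response.
const SAMPLE_CLIENT_JS = `Auth0.setClient({"id":"CLIENT_ID_PLACEHOLDER","strategies":[
  {"name":"samlp","connections":[
    {"name":"acme-saml","domain":"acme.example","domain_aliases":["Acme-Corp.example"]}]},
  {"name":"auth0","connections":[{"name":"Username-Password-Authentication"}]}
]});`;

// Parse the JSONP-style payload as data instead of executing it as a script.
function parseClientJs(body) {
  const start = body.indexOf('(');
  const end = body.lastIndexOf(')');
  if (start < 0 || end <= start) throw new Error('unexpected client.js format');
  return JSON.parse(body.slice(start + 1, end));
}

// Build a lower-cased "IdP domain -> connection name" map.
function buildDomainMap(client) {
  const map = new Map();
  for (const strategy of client.strategies || []) {
    for (const conn of strategy.connections || []) {
      const domains = [conn.domain, ...(conn.domain_aliases || [])].filter(Boolean);
      for (const d of domains) map.set(d.toLowerCase(), conn.name);
    }
  }
  return map;
}

// Exact match on the part after the last "@"; no suffix or substring matching,
// so "user@evil-acme.example" is not routed to the acme connection.
function connectionForEmail(email, map) {
  const at = email.lastIndexOf('@');
  if (at < 1 || at === email.length - 1) return null;
  return map.get(email.slice(at + 1).trim().toLowerCase()) || null;
}

// webAuth is an auth0.WebAuth instance. Returns the connection used, or null
// when the caller should fall back to the regular login form.
function loginWithHrd(webAuth, email, map) {
  const connection = connectionForEmail(email, map);
  if (connection) webAuth.authorize({ connection });
  return connection;
}
```

In the browser, fetch the endpoint body once, pass it through parseClientJs and buildDomainMap, and call loginWithHrd when the user submits an email address.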

Note that you can prevent this information from being exposed by turning off the “Enable Publishing of Enterprise Connections Information with IdP domains” setting in Tenant Advanced Settings.