Hello,
We currently are using the New Universal Login experience and a combination of several Enterprise Connections (using Identifier first) and local Auth0 accounts using databases.
Today, if a user specifies an email domain which is attached to a connection, Auth0 recognizes the domain and automatically redirects to that connection. Great, this gets us halfway there.
Question. For some of our “tenants” we have several email address domains (gmail.com, yahoo.com, etc) which prevent us from using identifier first for tenants which must use one specific connection 100% of the time.
Is there a way to pass in an additional parameter in our OIDC request to force a specific connection to be utilized automatically? We also have a React client which would need to do the same thing.
Basically, something like this:
if user is attempting to access a resource tenant a, redirect anonymous user to Auth0 and force Connection “sample-connection-adfs” to authenticate the user in all cases.
if any other tenant, follow the normal Auth0 flow by showing a username/password prompt.
Ideally, we don’t want end users of any tenant to be able to see a list of customers or organizations and we don’t want to show all of our connections. We would like to make this determination programmatically depending on the tenant configuration.
Thanks.