Google SAML Account Prompt

We are using Auth0 organizations and some of our customers are using a Google SAML application as an authentication method in our tenant.

We have an issue where users are logging into their personal Google accounts and then when they try to log into our application it fails because the session for the personal account is used instead of asking the user to choose which account to use.

We have tried adding "upstream_params": { "prompt": { "value": "select_account" }} to the SAML connection but that does not work and it seems like the docs here say that the upstream_params are not supported for SAML connections: Pass Parameters to Identity Providers

Is there any known workaround for this?

Hi @danielp ,
Thank you for posting!

Do you already have the Google enterprise connection set in the Auth0 dashboard?

In general, a few options exist to make a user log in in the context of the Google enterprise connection instead of the social connection. The one you choose depends on your use case.

For example, if a specific organization should use this enterprise connection, you can enable it there and add it as a button to the login page - Enable Organization Connections.

Or, if a specific application uses only this one connection, and you want users trying to log in there to be directed to the enterprise login screen (regardless of the organization membership), you can set your frontend to send the authorization request with the connection parameter set to the name of this enterprise connection - https://auth0.com/docs/api/authentication#enterprise-saml-and-others-

Please let us know your thoughts and if you have any follow-up questions!
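The second option in the reply above (an authorization request carrying the `connection` parameter), as an added example that is not part of the original posts or Auth0's own code. The tenant domain, client ID, redirect URI, organization ID and connection name are constructed placeholders, and resolving the connection from a server-side allow-list is a design choice of this example.

```javascript
// Added example (Node.js): build an Auth0 /authorize URL pinned to one
// enterprise connection, with state and PKCE for the callback checks.
const nodeCrypto = require('node:crypto');

// Constructed placeholder values; replace with your tenant's settings.
const CONFIG = {
  domain: 'example-tenant.auth0.com',
  clientId: 'YOUR_CLIENT_ID',
  redirectUri: 'https://app.example.com/callback',
};

// Hypothetical allow-list: organization ID -> enterprise connection name.
// Resolving the connection here keeps a request parameter from selecting
// an arbitrary connection.
const ORG_CONNECTIONS = new Map([['org_EXAMPLE', 'google-saml-example']]);

// PKCE pair (RFC 7636): random verifier and its S256 challenge.
function createPkcePair() {
  const verifier = nodeCrypto.randomBytes(32).toString('base64url');
  const challenge = nodeCrypto.createHash('sha256').update(verifier).digest('base64url');
  return { verifier, challenge };
}

function buildAuthorizeRequest(config, organization) {
  const connection = ORG_CONNECTIONS.get(organization);
  if (!connection) {
    throw new Error(`no enterprise connection configured for ${organization}`);
  }
  const { verifier, challenge } = createPkcePair();
  const state = nodeCrypto.randomBytes(16).toString('base64url');
  const url = new URL(`https://${config.domain}/authorize`);
  url.search = new URLSearchParams({
    response_type: 'code',
    client_id: config.clientId,
    redirect_uri: config.redirectUri,
    scope: 'openid profile email',
    state,                          // compared against the callback's state
    code_challenge: challenge,
    code_challenge_method: 'S256',
    organization,
    connection,                     // sends the user straight to this connection
  }).toString();
  // Store state and verifier in the user's session until the callback arrives.
  return { url: url.toString(), state, verifier };
}

console.log(buildAuthorizeRequest(CONFIG, 'org_EXAMPLE').url);
```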
