Home Realm Discovery Not Working for Okta Workforce Connection Using Classic Universal Login with Lock.js

Problem statement

When creating an Okta Workforce Enterprise connection, Home Realm Discovery (HRD) does not work when using the Classic Universal Login experience with Lock. All other Enterprise connections work fine, but the domains configured for the Okta Workforce connection don’t trigger HRD.


In the Classic Login page using Lock, when entering an email address ending in a domain that’s configured for HRD in the Okta Workforce connection, the password input does not go away, it keeps asking for a password.


The Okta connection type is a relatively new feature in Auth0 and is only supported in one of the latest Lock.js versions v11.34 as per this release note.


Navigate to the branding page in the Auth0 Dashboard and update the current Lock version to the latest available version:

<script src="https://cdn.auth0.com/js/lock/11.x.y/lock.min.js"></script>;

The latest updates can be found here: GitHub - auth0/lock: Auth0's signin solution

Please remember that once the customization toggle is flipped on for a given Universal Login page, that page can no longer be automatically updated by Auth0. It is the responsibility of the Auth0 tenant Admin to update and maintenance of the page going forward. This includes updating the version numbers for any included Auth0 SDK or widget.