Home Realm Discovery not Working for Organizations with multiple connections

Hello everyone!

I need your help with something… I have an organization with a single Google Workspace connection, and right now, what happens when I try to log in is that I am redirected to the Google sign-in page immediately without being shown the Universal Login page. That is confusing for the users, so what I want to do is to somehow always show the Universal Login page to the user, so they can click on the organization button and then go to the Google Workspace sign-in page.

I have tried what I found in this other post, but the HRD configuration is not working as expected. I get a page with the Google Workspace connection button and the field to enter the email. Still, when I enter the email and click on continue, I don’t get redirected to the Google Workspace sign-in page; instead, I get redirected to the Universal Login page to enter the password.

I already checked the domain on the HRD configuration for the Google Workspace connection, and it looks good. What am I missing?

Thanks in advance for your help!

Hi @hhurtado, welcome to the Auth0 community!

It sounds like you are experiencing a behaviour that occurs when the connection is not enabled for the actual organization within the Auth0 Tenant. Please can I suggest double-checking that the Google Workspace connection is enabled in at least one of the specific organizations; this should then allow HRD to work in the identifier first field.
If you have only enabled the connection in the application but it's not associated with an organization, you may still see the button within the widget but HRD will not work as expected.

Hope this helps!

Hi @nathan.jenkins thanks for the response!

I just double-checked and I can confirm my enterprise connection is enabled for my organization, and my application doesn’t have any connection enabled. I also confirmed my enterprise connection is the only one with HRD enabled with the domain I am using for testing.

I am not sure if I need to check something else.

Regards!

Hi everyone!

With the help of @nathan.jenkins, I was able to get the expected behavior from HRD.

I had to enable the Enterprise Connection with HRD on my application and my organization.

So, to summarize, this is the setup I have and that is working:

  • I have enabled the Identifier First Authentication Profile
  • I have an Enterprise Connection with HRD enabled for an email domain, like example.com
  • I created an Auth0 DB connection as a placeholder
  • I have an organization with 2 connections enabled
    • The enterprise connection with HRD enabled
    • The placeholder Auth0 DB connection
  • I have one Application that has this setup
    • On the Organizations tab
      • For Type Of Users: Business Users
      • For Login Flow: Prompt for Credentials
    • On the Connections tab
      • The enterprise connection with HRD is enabled

The key part I was missing was enabling the enterprise connection for the application.

Thanks for your help Nathan!

Regards!
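The checklist in the post above can be expressed as an offline check. This is an added example, not code from the thread or from Auth0: the snapshot layout, its key names, and the connection, organization and application names are constructed for illustration and do not mirror any Auth0 export format.

```python
def hrd_gaps(snapshot, email):
    """Return the unmet preconditions for routing `email` to its enterprise IdP."""
    domain = email.rsplit("@", 1)[-1].strip().lower()
    gaps = []
    if not snapshot["identifier_first"]:
        gaps.append("Identifier First profile is not enabled")
    # Connections whose HRD domain list contains the user's email domain.
    matches = [c["name"] for c in snapshot["connections"]
               if domain in {d.lower() for d in c["hrd_domains"]}]
    if not matches:
        return gaps + [f"no connection has HRD configured for {domain}"]
    if len(matches) > 1:
        gaps.append(f"{domain} is claimed by several connections: {matches}")
    app, org = snapshot["application"], snapshot["organization"]
    # Per the thread, the connection must be enabled in BOTH places.
    for name in matches:
        if name not in app["enabled_connections"]:
            gaps.append(f"{name} is not enabled on application {app['name']}")
        if name not in org["enabled_connections"]:
            gaps.append(f"{name} is not enabled on organization {org['name']}")
    return gaps


def _snapshot(app_connections):
    # Constructed sample data (hypothetical names), modelled on the summary above.
    return {
        "identifier_first": True,
        "connections": [
            {"name": "google-workspace", "hrd_domains": ["example.com"]},
            {"name": "placeholder-db", "hrd_domains": []},
        ],
        "organization": {"name": "acme",
                         "enabled_connections": ["google-workspace", "placeholder-db"]},
        "application": {"name": "my-app", "enabled_connections": app_connections},
    }


BROKEN = _snapshot([])                     # connection enabled on the organization only
WORKING = _snapshot(["google-workspace"])  # also enabled on the application

if __name__ == "__main__":
    for label, snap in (("before", BROKEN), ("after", WORKING)):
        print(label, hrd_gaps(snap, "user@example.com") or "HRD preconditions met")
```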


Thanks @hhurtado for providing the update and information to help others, much appreciated :pray:
