We are currently in the process of adding an Azure AD connection to our app to onboard a new customer who requires this. We are using the New Universal Login flow and we currently have 2 organizations set up. One organization has a database connection while the other organization has an enterprise connection with Azure AD. In the “Authentication profile” we have chosen “Identifier first” as the login flow, as this is required for home realm discovery. On the Azure AD enterprise connection under “Login experience” we have configured the identity provider domain for home realm discovery. When I test the connection it correctly sends me to https://login.microsoftonline.com/ and I can properly log in.
When calling loginWithRedirect in our single-page application we pass the email as login hint, but instead of redirecting me to the Microsoft login page I am prompted for a password on the Auth0 Universal Login page. To me this seems like it is using the database connection instead of the enterprise one and failed to do home realm discovery.
I also tried not passing the email address and leaving it up to the New Universal Login flow, but when I fill in the email on the login flow it still asks for a password instead of redirecting me to Microsoft.
When I specifically pass the organization to the loginWithRedirect method it does give me the option to continue with Microsoft, but it also shows my email with a “Continue” button in the same dialog.
I am not sure what exactly is going wrong here and why the home realm discovery does not work.
Any help would be greatly appreciated.
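As an added example (not code from the original post, and not Auth0's own SDK code), the following helper shows the client-side part of the flow the post describes: it validates the e-mail before it is forwarded as `login_hint`, decides from the e-mail domain which organization and connection to request, and builds the `authorizationParams` object that auth0-spa-js's `loginWithRedirect` accepts. The e-mail domains, organization ids and connection names are constructed placeholders, and the tenant domain, client id and redirect URI in the helper that renders the `/authorize` query string are assumptions for inspection only.

```javascript
// Added example, not the poster's code. Builds the authorizationParams for an
// identifier-first login with login_hint and, where the e-mail domain belongs
// to a known enterprise organization, the organization and connection to use.
// All domains, organization ids and connection names here are constructed.

// Constructed routing table: e-mail domain -> Auth0 organization id + connection name.
const ROUTING_TABLE = {
  "contoso.example": { organization: "org_PLACEHOLDER_AZURE", connection: "contoso-azure-ad" },
};

// Constructed fallback for domains not in the table (the database-connection org).
const DEFAULT_ROUTE = { organization: "org_PLACEHOLDER_DB", connection: "Username-Password-Authentication" };

// login_hint is echoed to the identity provider, so only forward something that
// looks like a single address: no whitespace, exactly one '@', a dotted domain.
const EMAIL_RE = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;

// Normalize the e-mail and return null when it is not usable as a login hint.
function normalizeEmail(email) {
  if (typeof email !== "string") return null;
  const trimmed = email.trim().toLowerCase();
  return EMAIL_RE.test(trimmed) ? trimmed : null;
}

// Pick the organization/connection for an e-mail domain (client-side HRD table).
function routeForEmail(email) {
  const normalized = normalizeEmail(email);
  if (!normalized) return null;
  const domain = normalized.slice(normalized.lastIndexOf("@") + 1);
  return ROUTING_TABLE[domain] || DEFAULT_ROUTE;
}

// Returns the object to pass as `authorizationParams` to loginWithRedirect(),
// or null when the e-mail is unusable.
function buildAuthorizationParams(email) {
  const normalized = normalizeEmail(email);
  const route = routeForEmail(email);
  if (!normalized || !route) return null;
  return {
    login_hint: normalized,
    organization: route.organization,
    connection: route.connection,
  };
}

// For debugging: the /authorize request the SDK would send, so the login_hint,
// organization and connection values can be checked before redirecting.
function authorizeUrl(tenantDomain, clientId, redirectUri, email) {
  const params = buildAuthorizationParams(email);
  if (!params) return null;
  const query = new URLSearchParams({
    client_id: clientId,
    redirect_uri: redirectUri,
    response_type: "code",
    scope: "openid profile email",
    ...params,
  });
  return `https://${tenantDomain}/authorize?${query.toString()}`;
}

// Usage in an app that has auth0-spa-js installed (left commented so the file runs offline):
// const auth0 = await createAuth0Client({
//   domain: "TENANT_PLACEHOLDER.auth0.com", clientId: "CLIENT_ID_PLACEHOLDER",
//   authorizationParams: { redirect_uri: window.location.origin },
// });
// await auth0.loginWithRedirect({ authorizationParams: buildAuthorizationParams(email) });
```

Printing `authorizeUrl(...)` for the e-mail you are testing with shows exactly which `organization` and `connection` values reach Auth0 alongside the `login_hint`, which makes it easier to see whether the request is pointing at the database organization or the Azure AD one.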