We used Microsoft socials connection initially on our auth0 app which worked fine for personal accounts but didn’t allow work accounts, we switched to enterprise connection to allow work accounts. **Accounts in any organizational directory (Any Azure AD directory - Multitenant)**
In the azure AD we allowed all types of accounts and updated all settings but in Auth0 the common endpoint toggle is disabled as advised by our auth0 helper. Who suggested we used oid instead of sub which will change by microsoft and result in a different account being created but to allow all types of account to login with microsoft we need to enable the common endpoint.
The solution recommended to us by auth0 team was to create separate enterprise connections for each of the teams in auth0 but that does not seem like a valid solution.
My question is if the issue with sub is changing then can i setup a pre signup or login action to check email and update the sub based on the email if it already exists is that a possible method to enable common endpoint and allow all types of accounts. Or is there a different method that other apps use because they allow all types of accounts.
Hi @ali6
I’m not sure I understand the problem you encountered. Could you please clarify what you mean by:
-
Who suggested we used
oidinstead ofsubwhich will change by microsoft and result in a different account being created but to allow all types of account to login with microsoft we need to enable the common endpoint. -
My question is if the issue with sub is changing then can i setup a pre signup or login action to check email and update the sub based on the email if it already exists is that a possible method to enable common endpoint and allow all types of accounts.