How to run multiple groups of users on different domains in the same tenant

We have the following use case: We have both single users and company users which are grouped together by their company. We handle the grouping on our side in our database.
Now some companies want our application to run on their custom domain.

Given that we dont run multiple backends or web apps, but the one web app will be accessible via multiple domains:

Is there a best practice for how to achieve this?
The straight forward way is to add all the different domains to the allowed callback urls of the application. But this would mean that every time we onboard a new group of users on a custom domain, we would need to add this domain to the application’s allowed callback urls. What if there will be a limit in the future?

Another option is to let the company customer run the frontend on their servers and we add a new application to our auth0 tenant. But the problems remain pretty much the same. A lot of manual work required every time a new group of users is onboarded.

Is there a better way to do this?

To conclude: Is there a best practice or even dedicated way to have multiple user groups that each run our application on their custom domain?

Hi @eriks

You might find Auth0’s Organizations helpful here:

Or you could do the new application per customer approach, but instead of doing it manually, use the management API to add the application.

John

Thank you for your answer!

However, as far as I understand, once we have organizations with distinct authentication schemes, we cannot have single users authenticate via email and password any more?
Also, how would organizations help with running the app on multiple domains?