Invitation flow implementation & correct use of auth0's organizations


Overall there are two topics we want to clarify/need help with.

The project context

We have an angular frontend application in combination with a Java Spring Backend. The users can sign up theirselves to explore our content. Additionally we want them to be able to join one organization each, where they’re working at. This organization has own content, which should be accessible for a user, if he joined this specific organization.


We want the users to be able to sign up/sign in and join an organization. These things are working fine.

But here are also the first two questions.

Are we using the organizations from auth0 to represent our customer organizations correctly in terms of context? Or are there any better solutions?

The next main feature we need are invitations. These invitations should invite a user to an organization. The flow for this:

  1. A registered user, who is already a member of one organization, creates an invitation for a user (he knows the email of the user) to invite him to this organization. It shouldn’t matter, if the invitee is already registered.

  2. the invitee should receive an email with a link to join the organization.

  3. if he clicks on the click he should be able to register or login to his account and should be automatically added to the organization, where we was invited to.

problem description

We’re having some problems with implementing and setting up the invitation flow. Especially here: Invite Organization Members at “configure the uri” and “specify route behavior”.

How should the look like? It’s getting the invitation parameters, but what’s the task of this uri.

/authorize: When do we need to do this call? What are the prequisites for doing this call? Like should the user be authenticated in the current session and signed up already or should it be done by our backend? Are there differences between single page application and regular web application?

what we’ve tried so far

  • We used the angular example, you can download if you’re creating a new single page application and we added the callbacks like allowed login Uris, allowed logout Uris and allowed web origins. The standard behavior with signing in and signing out worked as described/expected.

  • I added a button to the angular app with a hardcoded request to /authorize (I used the /authorize endpoint, which is in the application settings > advanced settings > endpoints). Before I created an organization and created manually an invitation. I have extracted the invitation information and added them like in the /authorize docs described as parameters to /authorize url.

If I just opened that link on the web (paste the link into my browser’s search bar), I’ve got an “something went wrong” with technical details: “invalid_request : no connections enabled for the client”, but there is a database connection for user/password-authentication, which is also enabled in the application settings.

I also tried adding a button to the angular application which does a the request with the /authorize url, but that ended up in: preflight response is not successful.

Thank you really much for helping!

1 Like