We have a use case when organizations have only single connection (SAML in our case). Auth0 in this case will skip our branded login form and redirect directly to the users IDP. This can be quite confusing for the users, because their IDPs do not show our company name/logo as universal login page does. So for the users it is unclear that they are actually logging in to our web application. If organization has more than one connection, this is not an issue (Auth0 will display a login form with connections to choose from). Please note, this issue does not have anything to do with force re-authentication (if the user already has a session in Auth0, we are okay with login forms being skipped).