Hi,
First time Auth0 user.
I’d like to know if this use case can be implemented with Auth0:
We have an SPA and API with users from around 100 organizations. So I have set up my test account as a single instance with multi-tenancy. Some orgs use ADFS, others use a username/password db connection.
The requirement is that a user can belong to multiple orgs, but can be logged in with only one org at a time. In other words: if a user logs in, he must select a single org from a list of orgs that he or she belongs to. The chosen org must then be reflected in the access token.
I have looked at redirect flow during login, but it seems I cannot update the access token during the redirect. (Changes would not be reflected in the token after resume).
The other option is that I use login_hint or domain_hint or subdomains per org, and somehow use that info to automatically select the correct org and update the token. But that introduces other problems, like preventing the user from selecting an ADFS connection for org A while he is using the subdomain of org B.
Are there any other approaches?