Login flow with sso separate from username-password on same screen

What we wanted is:

  • On main login page, user name password always shows up. So not identifier first.
  • There is a separate section to login via SSO on this page.
  • However, we don’t want one button per SSO Enterprise connection (since we will be showing options irrelevant to most users if we do that).
  • We just want one email field and one button below the username-password section, which then takes to the flow for SSO as if identifier first is now enabled for it.

I am curious if this is achievable with New Universal, or if it requires a new feature request? We could not get this exact UX with New Universal. If we show connection as button then each enterprise connection shows a button and we don’t want that. We essentially want identifier first but only for that SSO section. We could not figure this out so we have switched to classic universal with the ‘Lock’ template which allows with ‘sso:true’ to - kind of - achieve this. We have ‘identifier+password’ setup in Auth profile. Now when we enter email we see password field goes away and we can sign in with SSO (the one that is configured for this domain). So this gets us pretty close but not quite the above UX.

Also this means we lose the new universal login functionality and have to implement the login page custom (using lock.js template)

If this is considered a new feature request, that also works if Auth0 can consider it.


Hi @auth0rocks !

It would not be possible to use a combination of Identifier first along with Identifier + Password within the same tenant, since its a tenant level configuration.
If you wanted to continue to use New Universal Login, you could look to achieve this UX by having two Auth0 Tenants, one configured for DBs connections and the other for SSO and Identifier First. Although you wouldn’t be able to have a button on the Auth0 prompt to take the user to the alternative login prompt, you could look to add your own button/text and logic by Customising the Page Template. See examples such as the page footer with links etc. for ideas.

Hope this helps!

1 Like

thanks yeah indeed it’s sad we had to leave New Universal login just because we wanted this workflow tweak

we are currently doing

  • classic universal login
  • custom login template with lock.js with sso=true (works but we have to maintain this page)
  • custom reset password page

we basically get the sso:true to get us partly there since it auto turns on SSO once email is typed fully

will also checkout customizing new universal login ideas if those work for us