Login flow with sso separate from username-password on same screen

auth0rocks · September 20, 2023, 3:48pm

What we wanted is:

On main login page, user name password always shows up. So not identifier first.
There is a separate section to login via SSO on this page.
However, we don’t want one button per SSO Enterprise connection (since we will be showing options irrelevant to most users if we do that).
We just want one email field and one button below the username-password section, which then takes to the flow for SSO as if identifier first is now enabled for it.

I am curious if this is achievable with New Universal, or if it requires a new feature request? We could not get this exact UX with New Universal. If we show connection as button then each enterprise connection shows a button and we don’t want that. We essentially want identifier first but only for that SSO section. We could not figure this out so we have switched to classic universal with the ‘Lock’ template which allows with ‘sso:true’ to - kind of - achieve this. We have ‘identifier+password’ setup in Auth profile. Now when we enter email we see password field goes away and we can sign in with SSO (the one that is configured for this domain). So this gets us pretty close but not quite the above UX.

Also this means we lose the new universal login functionality and have to implement the login page custom (using lock.js template)

If this is considered a new feature request, that also works if Auth0 can consider it.

Thanks!

nathan.jenkins · September 28, 2023, 7:48pm

Hi @auth0rocks !

It would not be possible to use a combination of Identifier first along with Identifier + Password within the same tenant, since its a tenant level configuration.
If you wanted to continue to use New Universal Login, you could look to achieve this UX by having two Auth0 Tenants, one configured for DBs connections and the other for SSO and Identifier First. Although you wouldn’t be able to have a button on the Auth0 prompt to take the user to the alternative login prompt, you could look to add your own button/text and logic by Customising the Page Template. See examples such as the page footer with links etc. for ideas.

Hope this helps!

auth0rocks · October 3, 2023, 2:26pm

thanks yeah indeed it’s sad we had to leave New Universal login just because we wanted this workflow tweak

we are currently doing

classic universal login
custom login template with lock.js with sso=true (works but we have to maintain this page)
custom reset password page

we basically get the sso:true to get us partly there since it auto turns on SSO once email is typed fully

auth0rocks · October 3, 2023, 2:27pm

will also checkout customizing new universal login ideas if those work for us

Topic		Replies	Views
Universal login show multiple connection buttons instead of email input Help classic-universal-login-experience , login-experience	5	17	November 6, 2024
Hide Certain Login Options for Specific Application Help identifier-first , login-experience	4	356	April 19, 2024
Custom login page with identifier first login Help identifier-first , login-experience	2	506	November 21, 2023
OIDC Connection and Username/password is only showing username and password fields on login Help oidc , enterprise	3	2964	September 29, 2020
Fine-Grained Authenticator Options Help login-experience , login-prompt-new-experience	2	134	June 7, 2024

Login flow with sso separate from username-password on same screen

Related Topics