I’d like to ask a few questions to check if Auth0 fits my needs and how to achieve it.
- I’d like to create a multi-tenant app; let’s call it app.com.
- Every tenant will get its own subdomain, which will determine which tenant we are talking about: my-company.app.com
- One email can belong to multiple tenants (but in each tenant it will be a different user). So I can be in my company tenant, I can join another organization’s tenant, etc.
- The stack is: Node.js API server, SPA client, mobile client
- I’d like the user not to leave my domain / tenant subdomain at any point: I’d like to keep the login form (which fits my design) in my SPA and not redirect to the Auth0 domain to authenticate
- I’m planning to create one database connection per tenant - that will solve my issue with the same email in multiple tenants - but is it the right way? Maybe there is a better idea?
- How can I achieve logging in from my subdomain? Which grant type will solve that? The SPA client will be a first-party app. Is that even possible?
- What about activation links, reset password links, etc. - is it possible for me to keep them under my domain? I’m pushing for that so as not to confuse users and redirect them outside of my application.
I hope all my assumptions and questions are clear.