Multi-tenant Auth: Who is responsible for what?

We have a multi-tenant SaaS platform and we’re trying to implement authentication. Now, each of these tenants may have specific login rules. For example tenant one may be Username and Password while tenant two may require Enterprise SSO. Also, a user can belong to two tenants simultaneously. Separate Auth0 applications for each tenant seems to be the right approach for us as we can set authentication options at an app level. So the user would enter their email address and based on that option we would then direct them to the tenant login option appropriate to them. We have also taken a look at Auth0 Flows and think that Identifier First SSO is the right fit.

My questions is this:
Do we create the first “enter email” screen and then based on the response direct the user to their appropriate Auth0 app for further login if they only belong to one tenant only or provide a tenant selector first if they belong to more than one tenant?

Thanks in advance for the help.