Multitenancy with single Application and Branded Login pages

Hi everyone. I know multi-tenancy has been discussed in a lot of posts, but I’d like to describe a situation that I haven’t seen in the community. Our requirements:

  1. A single parent domain (app.com) with a subdomain for every “tenant” in our system (not Auth0 tenant, but internal tenant to us) (e.g. company1.app.com/singup, company2.app.com/signup etc)
  2. Custom branded login/signup pages and emails for each “tenant”
  3. Passwordless authentication via code sent through email
  4. All using a single Auth0 application - we expect having a large amount of clients and don’t want to have to manage a new Auth0 application for each

My thinking is when a user goes to a particular subdomain (e.g. company1.app.com/signup) (most likely linked from company1’s website) we can pass the subdomain through to our backend and load the appropriate branding data to show a branded login/signup page for that company. The user logs in our signs up and we use our internal authorization database to manage permissions to those company resources. Where we’re getting stuck:

  • What is the best strategy for implementing a customized login page for passwordless connections, or is there a way to customize the Universal Login page based on the “tenant”?
  • How can we customize the passwordless email per “tenant” including the Subject of the email?
  • Is there a better strategy to achieving this based on our requirements?

Thanks very much in advance for any insight.