I am trying to register organizations/users for my B2B SaaS, but I am not having much luck.
I want them to be able to use email/password or social login (Google/Gmail, initially) which would then register an organization/user in my backend. Once registered, the next step in the flow would be to create an organization subscription on Stripe.
I have set up a tenant, I have both a frontend SPA and a backend M2M application. I have created all of the URLs and URIs, but for some reason, it doesn’t work. I can register a user, but not an organization. Since this is a B2B SaaS, the organization and the Stripe step are the most important parts.
The first user would be the organization’s org admin user and could invite additional users to the application.
I know that this is a common setup for B2B SaaS. Any help/guidance would be appreciated. I am not a developer or a DevOp, so please use plain language in your responses.
From what I understand, the implementation that you are looking for seems to be a little bit complicated. My advice regarding implementing the behaviour that you are seeking would be the following:
After a user is created, create an organization specific to them using the Management API and assign a role to them depending on the use case (assign admin permission to the first user in the organization and other permissions to any other organization user added after them). Finally, you would add this user to the organization.
Make an API call to your Stripe API so that the organization subscription is created and managed by your application.
Log out the user because when making the changes mentioned above via the Management API, they will not reflect in the issued token. When they log back in again, they will have the assigned permissions and organization membership. Please take note that your application should be set only to Business Users from the Dashboard (Applications → Your application → Login Experience → Business Users).
If you intend for other organization users to be added via an invite-only flow, you can restrict registration unless the user's domain is not registered within the dashboard. This can be done via our Management API.
Alternatively, you can build your own signup UI so that you pass this information using API calls to the Management API instead of handling all of this within Auth0 and only handle the login flow within the Dashboard.
You can read more about B2B SaaS applications in this blog post.
If I misunderstood anything regarding your implementation or if you have any other questions, let me know!
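
The steps in the answer above, sketched as backend code. This is an added example, not code from the original thread or from Auth0; the tenant domain, role ID, and the injected `post` and `create_subscription` callables are assumed placeholders for your own authenticated Management API client and Stripe integration.

```python
import re
from urllib.parse import quote

# Assumptions (not from the thread): placeholder tenant domain and role id.
AUTH0_DOMAIN = "YOUR_TENANT.auth0.com"
ORG_ADMIN_ROLE_ID = "rol_PLACEHOLDER"

# Naming constraint assumed here: lowercase letters, digits, "-" and "_", max 50.
_ORG_NAME = re.compile(r"^[a-z0-9][a-z0-9_-]{0,49}$")


def provision_first_user(user_id, org_name, display_name, post, create_subscription):
    """Backend-only flow: create the org, add the user, grant admin, then bill.

    post(url, json_body) must send an authenticated Management API request
    (the M2M token never leaves the backend) and return the parsed JSON reply.
    create_subscription(org_id) is your own Stripe call (hypothetical helper).
    Returns the organization id; the caller should then log the user out so
    the next login issues a token that carries the membership and role.
    """
    # Reject untrusted signup input before it reaches any API call.
    if not _ORG_NAME.match(org_name):
        raise ValueError("invalid organization name")
    base = f"https://{AUTH0_DOMAIN}/api/v2"
    # User ids such as "auth0|abc" contain "|" and must be escaped in URL paths.
    uid = quote(user_id, safe="")

    # 1. Create the organization for this customer.
    org = post(f"{base}/organizations",
               {"name": org_name, "display_name": display_name})
    org_id = org["id"]

    # 2. Add the user as a member. The role endpoint used in step 3 is scoped
    #    to an organization member, so membership comes first in this sketch.
    post(f"{base}/organizations/{org_id}/members", {"members": [user_id]})

    # 3. Give the first user the org-admin role inside that organization.
    post(f"{base}/organizations/{org_id}/members/{uid}/roles",
         {"roles": [ORG_ADMIN_ROLE_ID]})

    # 4. Create the Stripe subscription only once the identity state is complete.
    create_subscription(org_id)
    return org_id
```

Because every call goes through the injected `post`, the Management API token stays on the server and the SPA only ever triggers this flow through your own backend endpoint.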