Hello everyone, I have a question and would like to know which is the best approach for my desired solution.
I am working in a multi tenant system and so far all my connection have the sign up disabled through the connection itself. The point is that now some applications might need to have this option enabled. I know I can use the pre-user-registration ticket and if the client id does not belong to one of the allowed ones, then return an error, but this creates a problem to the business. Basically I need to be able to show/not show the sign up option depending on the client id.
I read about have another connection, but I don’t think this would be a good option because I would need to have both connections synchronized. Anyways I would like to know how to keep the two connections with the same data always
I am eager to hear about any suggestion, thanks in advance
Hi @jose.companioni,
Welcome back to the Auth0 Community!
As stated in this Knowledge Article, you can only modify New Universal Pages tenant-wide, not application-wide.
However, suppose your use case is so specific that the New Universal Experience is not customizable enough. In that case, you can create a custom Login page in your application using HTML and CSS and authenticate your users using the auth0.js library. This way, you can make a custom page with the Sign Up button only in your desired apps.
If you have any other questions, feel free to reach out.
Have a good one,
Vlad
Thanks for your answer @vlad.murarasu , anyways I would like to know which options I have that don’t involve creating the login page by myself because we already have our flow designed entirely using the universal login. So, what about having a separata connection and synchronize them? I mean, any other suggestion?
1 Like
Hi again @jose.companioni,
The core issue is that even if you hide the sign-up button for certain apps, the underlying user database (the Auth0 Connection) is still shared.
Here’s the scenario that breaks this solution:
- App A is a public-facing app that can show the “Sign Up” button.
- App B is a private, internal tool and should not allow new sign-ups. You build a custom UI for it that hides the button.
- A user discovers App A, creates an account, and gets registered in your shared Auth0 user database.
- That same user can now go to App B’s login page, enter the credentials they created via App A, and successfully log in.
The system has been bypassed. You’ve only hidden the door on one app, but the user was able to create a key using another app that works for all doors.
I’m unsure if synchronizing the user databases is the best idea, either. You might need to have all the users from App B mirrored with the ones in App A, and not the other way around, or else there wouldn’t be a point. However, that also sounds like it would be complicated to manage in the future.
I’m afraid that if you want them to share one pool of users, you might need to allow all apps to do sign-ups or not allow any.
Have a good one,
Vlad