OpenID by email with restriction by domain, no User Database

Hello community. I’m a newbie. I am testing the Free (Developer) version. I would like to find out if it is possible to follow the scenario below:

  1. No User database in Auth0.
  2. Users are from three different organizations - dealer1, dealer2, dealer3
  3. Every organization has its own domain - dealer1.net, dealer2.net, dealer3.net
  4. Every organization has up to 100 users.
  5. Every user has an email - user1@dealer1.net, user2@dealer2.net, user3@dealer3.net and so on.
  6. Authorized access to an external application “example.net” with Auth0 OpenID access by entering only a user email.
  7. A user who does not have an email in one of the three domains mentioned above is prohibited from accessing “example.net”.

In other words, is it possible to set up a login process by entering only an email address and allow authorization only for those three domains?

I would appreciate any suggestions, comments, notes etc.
I believe I am able to set up an environment to test any version in Free (Developer).

Thank you.

VK

Hi @vladkh

Thank you for reaching out to us!

I’ve read your use case and there are a couple of directions you can take. Please let me know where your users would be stored. Will they be stored externally on the IdP side, with Auth0 only serving for login?
If this is the case, I believe that our Home Realm Discovery feature would work best, as you can request that users provide only their email address and then redirect them to the appropriate IdP for authentication. This fits well with Organizations to further ensure company identity and branding, as needed.

I believe the desired flow can be achieved with the above features, but allow me to provide some additional documentation that could also prove useful:

Hope this helped!
Gerald
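
The following is an added example, not part of the thread and not Auth0's own code. It sketches the domain routing described above for the three dealer domains, plus a check the application at “example.net” can apply to the ID token claims after login. The connection names and function names are hypothetical; `email_verified` is the standard OpenID Connect claim.

```javascript
// Added example: exact-match domain allow-list with home-realm style routing.
// Connection names below are hypothetical placeholders, not real tenant values.
const DOMAIN_TO_CONNECTION = new Map([
  ["dealer1.net", "dealer1-idp"],
  ["dealer2.net", "dealer2-idp"],
  ["dealer3.net", "dealer3-idp"],
]);

// Extract a normalized domain, or null if the address is malformed.
function emailDomain(email) {
  if (typeof email !== "string") return null;
  const trimmed = email.trim();
  const at = trimmed.lastIndexOf("@");
  // Require exactly one "@", with a non-empty local part and domain.
  if (at <= 0 || at !== trimmed.indexOf("@") || at === trimmed.length - 1) {
    return null;
  }
  const domain = trimmed.slice(at + 1).toLowerCase();
  // Labels of letters, digits and hyphens separated by dots; no trailing dot.
  if (!/^[a-z0-9-]+(\.[a-z0-9-]+)+$/.test(domain)) return null;
  return domain;
}

// Decide which IdP connection (if any) an entered email is routed to.
// Matching is exact: "mail.dealer1.net" and "dealer1.net.example.org"
// are both rejected, because suffix or substring matching would let
// lookalike domains through.
function resolveConnection(email) {
  const domain = emailDomain(email);
  if (domain === null) return { allowed: false, reason: "malformed email" };
  const connection = DOMAIN_TO_CONNECTION.get(domain);
  if (!connection) return { allowed: false, reason: "domain not allowed" };
  return { allowed: true, domain, connection };
}

// Re-check on the application side after login: the email typed on the
// login page is only a routing hint, so authorization is based on the
// claims in the validated ID token, and only on a verified email.
function authorizeClaims(claims) {
  if (!claims || claims.email_verified !== true) return false;
  return resolveConnection(claims.email).allowed;
}
```

`authorizeClaims` assumes the ID token signature, issuer and audience have already been validated by the application's OpenID Connect library.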