I am trying to set up Auth0 as an authentication provider for our SPA SaaS application. Each of our customers is an organisation (sometimes of many people, up to thousands or more, sometimes a one-man-band). Many of these, particularly the very large organisations, will follow a sales-driven sign-up process, however, for the smaller organisations and individuals, we will be offering self-service account set up.
We have determined that we need to isolate users by organisation, and the most sane way to do this for us seems to be to create a new connection for each new organisation.
The question, however, is the best way to create the account set-up flow. With the sign-up for our previous SaaS app (not using Auth0), we allowed new users to sign-up as normal, and then used pub/sub to trigger a hook to create a new organisation in our backend in response to the auth system publishing the creation of a newly signed-up user. This was nice, as it meant that the sign-up flow was effectively completely transactional - new user = new organisation, no new user = no new organisation. It meant that we never ended up with orphaned organisations or orphaned users, due to a user stopping during the sign-up flow.
However, in this instance, given we will be using Auth0’s Universal Login system, I am trying to work out a sensible way to let the new user enter their organisation’s name so that we provision the organisation in our backend and set it up in Auth0 as a new connection, before that user then signs up. However, if they don’t complete the sign-up process, we then throw away the new organisation, freeing up that name again.
If the user was to have us provision the organisation (before we redirect them to the Auth0 sign-up flow), but then not sign up, we would end up with an organisation with no users, that even that person cannot set up an account again for.
Is there an established way of doing something like this that we are missing?