Organization is required for this client - but already passing organization parameter

We have an Application which in the Organization tab is set to Business Users → No Prompt

We are generating a link to the login page which looks like:
https://{our_domain}.eu.auth0.com/authorize?client_id={application_id}&response_type=code&redirect_uri={url_of_our_platform}&scope=openid%20email&organization={an_auth0_org_id}

When visiting that link we are correctly shown that organization’s login page. That particular org has both a db connection and an openid enterprise connection.

When filling out credentials to get logged in and clicking log in we get an error of:
https://{url_of_our_platform}.com?error=invalid_request&error_description=parameter%20organization%20is%20required%20for%20this%20client&state=h5CpwjZn60LWZ0vqUv6m_-WA

Things we know:

  • it is picking up the organization parameter in the first request, as it takes us to the correct org’s login page, and if you change the organization param to something invalid it errors earlier
  • this error happens when attempting to log in with SSO or db
  • response_type of code or token doesn’t make a difference to the error