Organization onboarding: How to configure enterprise connection

Hello, To onboard a new organization, we’ll have an internal admin manually add the organization to our auth0 tenant, and invite the first org admin using the built-in auth0 capabilities. Most of our organizations will want to configure an enterprise connection, although some will decide to use the auth0 database.

My question is, who would configure the enterprise connection? I don’t think we’d want our internal admin to do it because the org would have to share a secret with us right? I think it should be the invited org admin, but I’m just wondering how to enable that.

Would we implement a custom interface that collects the enterprise connection settings and then call the auth0 api to add the connection to the org? Or does Auth0 have some hosted interface for this?

Also, I’m curious if you have any thoughts on how we should provide the flexibility for orgs to choose to use a database connection instead. My first thought is we provide an option to choose Enterprise Connection or Database as one of the first steps during the onboarding of the invited org admin.

Thank you in advance for any advice.