Preventing login when user is not a member of the organization

Hello! We’re using the organizations features of Auth0. When an existing user attempts to logs into an organization for which they are not a member, I expected the login to fail. However, it seems the login succeeds, but then when we use the Auth0 SDK we get an error from the SDK (specifically, we’re using the useAuth0 hook from @auth0/auth0-react):

    "error": "access_denied",
    "error_description": "user samlp|example-identity-provider|auth0|1234567890 is not part of the org_XXXXXXXXXXXXXXXX organization"

Is there any way we can configure Auth0 to prevent the user from logging in if they’re not a member of the organization to which they’re logging in?

1 Like