I have two spa’s within the same tenant. Let’s call them spa 1 and spa 2.
Is it possible to authorize the users to a specific one based on the organization they authorize for? Our login flow prompts for organization → then email/password → then logs in to the spa.
Would this be easier to do outside of auth0 actions?
Great question - This seems to be a bit outside of the scope of an Action as initiating the login flow to begin with requires passing a client_id. While this client_id is accessible in Actions there isn’t any way to change it dynamically. You will most likely want to handle this logic in your own application before initiating a login, or use organizations under 1 SPA client_id (if possible):
If not done so through an auth0 action how would I achieve this outside within my codebase? Is changing the SPA client ID a valid design pattern?
In this scenario SPA 1 would have to be a default for all users. Depending on what organization the user tries to authenticate with, could I preserve logged in status while dynamically switching the client ID to SPA 2’s?
To give more context, we need two versions of our SPA. That utilize different 3rd party cloud services. Some b2b customers have a restriction against using certain cloud services so we were thinking of verifying this by org name, and either keep them in SPA 1 after authenticating, or redirect them to SPA 2 without making them authenticate a second time.