Restrict SSO access to multiple organisations for users with same email domain

Need help with enabling SSO for users with same email domain belonging to multiple organizations in Auth0. The users need to be navigated to only one of those organizations and restricted access for other organizations through SSO login. Any help will be much appreciated!

Hi @chirantan.banerjee, welcome to Auth0!

Removing a user from a membership of organization(s) they shouldn’t be part of will prohibit them from accessing the app in these organization(s) context. This doc shows how to remove a user from being a member of a specific org - Remove Members From Organizations

A user can access the app only within the context of organization(s) they are a member of and, during a single login, authenticate only with one organization selected to log in.

The diagram below shows what a user with an email domain matching the enterprise connection will be shown - only organizations they are a member of.

I hope this helps and please let me know any questions!

We do not want to remove any user from any org. We are looking for a way to authenticate multi-org users for a particular org through SSO.

Let me try to explain the scenario:

  • Consider a user with an email domain of abcxyz.
  • This user is a member of both org1 and org2.
  • We aim to allow SSO login for org1 while requiring password-based authentication for org2.

Hi @chirantan.banerjee,
Thanks for this information!

Can you please go to your Auth0 dashboard → Organizations → the specific organization for which you intend to enable database connection and under the Connections tab select the database connection?

I do not know details of your tenant setup, but this way you should be able to isolate users (in terms of connection they log in from) between organizations (by enabling different connections for different organizations, like Google connection for org1 and database connection for org2).

https://auth0.com/docs/manage-users/organizations/configure-organizations/enable-connections
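
A way to check the per-organization setup suggested in the last reply, as an added example that is not part of the thread or Auth0's own code: it audits each organization's enabled connections against an intended policy. The policy, connection ids and sample listing are constructed, and the entry shape (`connection_id` plus nested `connection.name` / `connection.strategy`) is assumed to match what the Management API returns for an organization's enabled connections.

```javascript
// Intended policy for the thread's scenario (constructed): org1 logs in
// through the Google connection only, org2 through the database connection
// only. "auth0" is the strategy name of an Auth0 database connection.
const policy = {
  org1: { allowedStrategies: ["google-oauth2"] },
  org2: { allowedStrategies: ["auth0"] },
};

// enabledByOrg maps an organization name to its enabled-connection entries.
// Returns one finding per deviation from the policy.
function auditOrgConnections(policy, enabledByOrg) {
  const findings = [];
  for (const [org, rule] of Object.entries(policy)) {
    const enabled = enabledByOrg[org] || [];
    const allowed = new Set(rule.allowedStrategies);
    // A connection of a disallowed type gives members a second way in.
    for (const entry of enabled) {
      const { name, strategy } = entry.connection;
      if (!allowed.has(strategy)) {
        findings.push({ org, issue: "unexpected-connection", connection: name });
      }
    }
    // With no allowed connection enabled, members cannot log in at all.
    if (!enabled.some((e) => allowed.has(e.connection.strategy))) {
      findings.push({ org, issue: "no-allowed-connection", connection: null });
    }
  }
  // Organizations nobody wrote a policy for are reported, not ignored.
  for (const org of Object.keys(enabledByOrg)) {
    if (!(org in policy)) findings.push({ org, issue: "no-policy", connection: null });
  }
  return findings;
}

// Constructed listing: org2 still has the Google connection enabled.
const google = { name: "google-oauth2", strategy: "google-oauth2" };
const database = { name: "Username-Password-Authentication", strategy: "auth0" };
const sampleEnabled = {
  org1: [{ connection_id: "con_EXAMPLE_google", connection: google }],
  org2: [
    { connection_id: "con_EXAMPLE_db", connection: database },
    { connection_id: "con_EXAMPLE_google", connection: google },
  ],
};

const sampleFindings = auditOrgConnections(policy, sampleEnabled);
console.log(sampleFindings);
```
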
