I have an application which currently uses 2 different stores for users. 1 is a custom database and authentication code, the other uses Auth0 and the API authentication APIs to authenticate users.
I would like to combine the two into a single Auth0 environment and approach, however keeping the databases separated (but hosted in/by Auth0).
The Auth0 API we are currently using, and still want to continue using, is the Authorization Code Flow (POST /oauth/token).
I see that the APIs use the default_directory Tenant setting to select which database/connection to use for authentication. Is it possible to set this setting on a per request basis? This way I could reuse the same application and tenant for both sets of users.
I’m a little confused about your current setup. Are you using two tenants?
If both databases (connections) are in the same tenant, you can pass an optional connection param with your request to the /authorize endpoint to specify which connection to use. Here is the doc with an example:
We only have 1 tenant, and I am trying to move an external, non Auth0, authentication flow into that same tenant which currently already hosts another flow.
Both auth flows currently host the login and registration forms on our website, and we would like to keep it that way. That means using the /authorize endpoint is not an option, because that requires us to redirect the user to an Auth0 domain.
The endpoint we are currently using is /oauth/token. Can I use the ‘connection’ param for that endpoint as well?
Thanks for your reply, I think this answers my question.
The fact that we can’t set the specific connection in a Machine-to-Machine flow means we will have to create a separate tenant for this.
The part about hosting login and registration forms on our website means that we don’t want to use the Redirect flow to redirect the user to the Auth0.com hosted login form, but instead we want them to fill in their username and password on our site and we submit that server-side through the Machine-to-Machine flow.