Set directory per API request

Hi all,

I have an application which currently uses 2 different stores for users. 1 is a custom database and authentication code, the other uses Auth0 and the API authentication APIs to authenticate users.
I would like to combine the two into a single Auth0 environment and approach, however keeping the databases separated (but hosted in/by Auth0).
The Auth0 API we are currently using, and still want to continue using, is the Authorization Code Flow (POST /oauth/token).

I see that the APIs use the default_directory Tenant setting to select which database/connection to use for authentication. Is it possible to set this setting on a per request basis? This way I could reuse the same application and tenant for both sets of users.

Thanks for the help in advance!

Hi @GuidovTricht,

Welcome to the Community!

I’m a little confused about your current setup. Are you using two tenants?

If both databases (connections) are in the same tenant, you can pass an optional connection param with your request to the /authorize endpoint to specify which connection to use. Here is the doc with an example:

https://auth0.com/docs/api/authentication#database-ad-ldap-passive-

Hi @dan.woda,

Thanks for the warm welcome and the reply! 🙂

We only have 1 tenant, and I am trying to move an external, non-Auth0, authentication flow into that same tenant which currently already hosts another flow.
Both auth flows currently host the login and registration forms on our website, and we would like to keep it that way. That means using the /authorize endpoint is not an option, because that requires us to redirect the user to an Auth0 domain.
The endpoint we are currently using is /oauth/token. Can I use the ‘connection’ param for that endpoint as well?

Can you explain what you mean by this?

At this point in the authentication transaction, the connection would have already been determined.

Hi Dan,

Thanks for your reply, I think this answers my question 🙂
The fact that we can’t set the specific connection in a Machine-to-Machine flow means we will have to create a separate tenant for this.

The part about hosting login and registration forms on our website means that we don’t want to use the Redirect flow to redirect the user to the Auth0.com hosted login form, but instead we want them to fill in their username and password on our site and we submit that server-side through the Machine-to-Machine flow.

Thanks for the help!
