Setting up multi-tenant OIDC connections — how do you manage per-tenant configurations?

code-vj · November 14, 2025, 12:27pm

Hi everyone

I’m currently building a B2B SaaS app where each tenant can connect their own IdP (Okta, Entra ID, Google Workspace, etc.) using OIDC.

Auth0 handles this pretty well with “enterprise connections”, but I’ve been researching how to achieve similar flexibility using custom OIDC layers.

For instance, SSOJet provides a way to dynamically load tenant configurations from a database and handle both SP- and IdP-initiated flows.

Curious — how are others managing multi-tenant OIDC configuration in Auth0? Any best practices or pitfalls?

Thanks in advance

remus.ivan · November 14, 2025, 8:11pm

Hello @code-vj,

Welcome to the Auth0 Community!

I am looking into your use case, so please allow me some time to provide a more detailed response to your inquiry.

Thank you!
Best regards,
Remus

remus.ivan · November 17, 2025, 8:49pm

Hello @code-vj,

Welcome to the Auth0 Community!

The primary and best-practice solution for this your B2B SaaS scenario is Auth0 Organizations, being the specific built feature to solve the multi-tenant problem and providing the dynamic configuration you’re looking for natively. This approach allows to securely and dynamically connect to any OIDC-compliant Identity Provider your company uses, whether it’s Okta, Entra ID, Google Workspace, or another. Check Enable Organization Connections.

You can create an Organization for each customer, then attach one or more Enterprise Connections to that specific organization. This is all manageable via the Auth0 Management API for automatization by endpoints such as:

Creating an Organization using the POST /v2/organizations endpoint
Add connections to an organization using the POST /v2/organizations/{id}/enabled_connections endpoint

The SP-Initiated Flow is handled perfectly within the Identifier First Authentication, which allows prompting the user both for their credentials or their organization first, so I would recommend checking our documentation.

This is the modern, standard way of achieving your desired architecture, since creating separate connections per tenant would be very difficult when thinking of scalability.

I hope this helps, and if you have further inquiries please let me know!
Thank you!
Best regards,
Remus

system · December 1, 2025, 8:49pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Allowing each tenant to access his own dashboard Get Help	2	4299	January 9, 2019
Multi-tenant application Get Help	2	3892	July 29, 2019
Registering multiple SAML IdP to one SAML SP Get Help saml , auth0js , multi-tenant , auth0-sdk	2	4836	March 2, 2018
Approach to a multi-tenant enterprise app Get Help multi-tenant , multiple-domains	3	5551	September 5, 2019
Auth0 multi-tenant architecture - Multiple Database connections Get Help connections , multi-tenant , database-connections	2	4570	March 2, 2018

Setting up multi-tenant OIDC connections — how do you manage per-tenant configurations?

Related topics