Setting up SSO for specific teams within large organizations


I’m trying to setup SSO for certain teams within large organizations. For example, I have teamA within Foo organization that wants to configure SSO for our application. If I create the connection for teamA and setup the Login Experience to be Email domain based - then I’m essentially enabling SSO for entire Foo organization who will have the same domain for their emails.

I want to limit the SSO enforcement only to teamA.
Anyone else outside of teamA in Foo organization should still be able to access our application via username/password combination instead of SSO.

Does Auth0 have any features or capabilities that we could leverage to achieve this behavior?