So, everything worked perfectly until I decided to invite an admin into the tenant dashboard. Coincidentally or not, his admin account is signed up with the same google oauth2 account as the end application user (which he already was from the beginning, with no issues).
Then, without changing any other dashboard settings, we started experiencing very strange bugs.
At some point after signing in, the second admin saw no applications in the dashboard. It’s as if they were deleted. But after signing out and back in again, they were still there.
Now this one is the strangest of all, and has seemingly nothing to do with the admin. Some end users reported that after logging in to application ABC at url
https://abc.com/login, they were redirected by auth0 to
https://staging.abc.com, which is a different frontend instance sharing the same auth0 app. This issue is also not replicable and started happening randomly. Again, nothing was changed on our side, frontend code is also the same.