Feature: Add support for organization parameter in Refresh Token and Password flow.
Description: Authorization Code currently supports the organization parameter, Authenticate a user through an organization. It is not only that org_id claim is being added to the token, but also the information about the organization is added to the rule/action context. However, this is not the case for Refresh Token and Password flow, where the parameter is being ignored.
Use-case: Currently, we have to make a separate request to Organizations API, which is a part of Management API, in order to get organization information in our custom rules, when we handle authentication in Refresh Token and Password Flow. Having organization info pre-populated in the context (it is how it works now with Authorization Code) is very convenient, because it allows us avoiding hitting Management API rate limits and besides improves performance of the authentication process.
I would like to add an important detail here. Refresh Token flow indeed sets the org_id claim, if the refresh token itself has previously been obtained with the organization parameter. However, in our case, we would like the parameter to be supported in the refresh token request, so that an Organization could be selected, even though it has not been selected on the initial authentication.
Feature: Endpoint similar to get token with âResource Owner Passwordâ api authentication endpoint but with ORG_ID included.
Description: Call to the API Authentication of Auth0. When token is received get the org_id inside it. Pass the organization_name or org_id in the headers.
Use-case: In my case I have a native app that use internal login, I would like to do my login and use organizations and users with auth0, I can´t use universal login or any kind of login with auth0. I need to use my own form.
Hey there @dlago! Youâre correct in that as is, you can only authenticate a user through an organization via a call to /authorize. Letâs hope this gets some traction with other community members, thanks for the feedback!
I want to bump this because I also work on a project that involves organization selection after user has authenticated with sms, please include this feature.
Is there any news on this topic? Is it correctly understaood that if I have a user affiliated with multiple organizations and I attempt to refresh the user token, the user will ALWAYS be redirected to the âpick-orgâ login box?