The current solution has friction as it requires users to remember their organization name exactly, in addition to their login credentials.
A cleaner solution would be for the user to enter their email address and be presented a list of organizations they are part of. Selecting one of them would then continue the process on the organizations login screen.
The majority of SAAS offerings used for B2B with organization/tenant segregation work like this. Outside of Auth0 I’ve never seen anything that requires me to type in an organization name and I see the friction in the process at present as a flaw in the implementation.
Having the user pick from a list of organisations is way more logical to me than having them enter an organisation-name. Adding this feature would be greatly appreciated.
Yes, the Organization Prompt is not user friendly at all. People have already trouble remembering their credentials.
While a solution is being built by Auth0, is there a workaround or alternative solution?
Hi all, we’re currently in development for a few capabilities that relate to the asks in this thread. At a high-level, the updates will be as follows:
Integrate Organizations with Identifier-First Login flow, such that end-users can log-in to a generic application login prompt (as opposed to having to find or be directed to an Organization-specific login prompt).
Support the existing Home Realm Discovery behavior so that a single user with multiple organization memberships can first be authenticated, and then optionally select from the organizations that they belong to before being redirected to your app with the appropriate org_id in their claims.
Introduce the ability to associate an email domain with an Organization, to support your larger business customers who may have users with email addresses that share the same email domain but are expected to authenticate using different IdPs.
We’re planning to begin rolling out these capabilities early next year. Note that the design and timing is subject to change. Thanks for your patience.
Thanks Adam, sounds good at a high level. If you are interested in early feedback on the experience, please let me know.
As we will be initially restricting users to just one Org, we will attempt to use an Auth0 post-login action with the management API to get the organisation that a user is a member of. Then add the Org ID as a claim (perhaps we need a custom namespace?). This will work for us in the short term until we open up more sophisticated cross-org access.