Support/Replace Organization prompt screen with "choose organization" during login

Hi @justin.chitla ,
From what I understand, during the login flow, the user will only be prompted to choose an org if they are part of more than one.
So for a user with just one org this additional step will be skipped and they will log straight into the application :+1:

2 Likes

Very much expecting this feature!

1 Like

Same! Excited for this. I was able to implement your workaround of using silent auth after the initial login, but it’s pretty janky.

Wow, apparently I’m in luck. I was just investigating this exact situation. I’m glad the feature is coming out June 28th. Thank you!

Additional Question:
In the management API or SDK, is there (or will there be), a way to create a user in a specific organization in one step? As I understand currently, that logic has to be implemented in our app. First check if the user exists in any org. If not invite user to the App. Then assign them to an org. If there was a createUser({org_id:xxx}) that did all those steps that would help streamline as well.

@nathan.jenkins

Could you provide some clarity or confirmation on if June 28th is still the target release date? We pushed our launch back to have this feature and are super stoked but want to make sure we are planning correctly. Thanks!

2 Likes

It looks like this went live a couple days early?

2 Likes

Can it be a beta version ??

In my application I cannot see that new organization screen prompt.

Did you need to do some extra configuration ??

Hi All, The rollout of this feature update has started and may be available in your tenant environment. :partying_face:
Supporting documentation will be provided once the announcement has been made on the Auth0 Changelog, please keep an eye on the changelog page to find any links to supporting docs.

To get you started and test the feature, First turn the Authentication Profile to Identifier First.
Then go to your Auth0 Application and Organization Tab, there you will need to select the Type of Users, and select the preferred Login Flow (Prompt for Organization)

1 Like

Yeah, I set it up in the dashboard under Applications > {My App} > Organizations

Was easy to set up and seems to be working well for my use case! I was able to delete the silent authentication hack completely.

1 Like

Excellent! thanks for sharing @igillis

Ok, I spoke too soon :upside_down_face: It seems there is still a limitation, but maybe I’m missing something. First, let me lay out our requirements.

  1. This is a B2B SaaS app. So we sell to other businesses and their users can log in to use the app.
  2. There is a self serve flow for new businesses to onboard without any intervention from us. Users may sign up/authenticate without being part of an organization, but must create one before continuing.
  3. Users should only belong to at most 1 organization (their current employer). So if they do belong to an organization, they should be automatically logged into it. If we do support multiple org membership in the future, they should still never be allowed to log in as ā€œindividualsā€.

Problem:

If I select ā€œBusiness Usersā€, number 2 breaks. When a new user signs up they get this error.

But what I really want is for them to be signed in and prompted to create a new organization. We have this flow built out already.

If I instead select ā€œBothā€, number 3 above breaks. Users can sign in without an org and I can show them the prompt to create a new org. But then they get prompted to log in as individuals or the org, when we really only want to allow authenticating under the org:

Example

Slack is mentioned as an example under ā€œBusiness Usersā€, but that’s not quite true. Slack actually has the exact flow I’m interested in. If you sign up as a new user, you’re prompted to create a workspace:

If instead you sign up as a user with only one workspace membership, it logs you right into that workspace:

Sorry for the long post, just wanted to provide as much context as possible. Let me know if there’s a way to configure this flow with this new feature set, otherwise I’ll bring back the workaround where you fetch the user’s org memberships and do silent re-auth.

1 Like

Hi @igillis! Good eye on the release catch.

You’re correct in your assessment of current capabilities. However, we’re scoping out what self service organization creation and sign up should look like as a future roadmap item.

I’ll send you a DM about setting up a time to chat if you’re interested.

1 Like

Sure, that would be great

Hi @sam.frank

We like the new implementation. But there’s one thing we want to know how to make it work.

Currently in our use case we only allow users to sign up through an invitation. The thing is that with the ā€œPrompt for credentialsā€ option selected we get the regular sign in page, which is fine.

But that page shows the ā€œDon’t have an account? Sign upā€ link and it allows users to sign up to the app which is not what we want. I tried the ā€œDisable Sign Upsā€ in the connection which makes it go away. But it introduces another problem. It doesn’t allow users to sign up through an invitation, the invitation page works but when I input the password for the new user, it tells you incorrect password/username which is not the case since the user doesn’t even exist.

Any thought for this?

Hello Adam, would you mind providing an update on the status of point 3 (HRD for Organizations)? My company has a use case that would benefit greatly from this feature.