Very much expecting this feature!
1 Like
Same! Excited for this. I was able to implement your workaround of using silent auth after the initial login, but itās pretty janky.
Wow, apparently Iām in luck. I was just investigating this exact situation. Iām glad the feature is coming out June 28th. Thank you!
Additional Question:
In the management API or SDK, is there (or will there be), a way to create a user in a specific organization in one step? As I understand currently, that logic has to be implemented in our app. First check if the user exists in any org. If not invite user to the App. Then assign them to an org. If there was a createUser({org_id:xxx}) that did all those steps that would help streamline as well.
Could you provide some clarity or confirmation on if June 28th is still the target release date? We pushed our launch back to have this feature and are super stoked but want to make sure we are planning correctly. Thanks!
2 Likes
Can it be a beta version ??
In my application I cannot see that new organization screen prompt.
Did you need to do some extra configuration ??
Hi All, The rollout of this feature update has started and may be available in your tenant environment. 
Supporting documentation will be provided once the announcement has been made on the Auth0 Changelog, please keep an eye on the changelog page to find any links to supporting docs.
To get you started and test the feature, First turn the Authentication Profile to Identifier First.
Then go to your Auth0 Application and Organization Tab, there you will need to select the Type of Users, and select the preferred Login Flow (Prompt for Organization)
1 Like
Yeah, I set it up in the dashboard under Applications > {My App} > Organizations
Was easy to set up and seems to be working well for my use case! I was able to delete the silent authentication hack completely.
1 Like
Ok, I spoke too soon 
It seems there is still a limitation, but maybe Iām missing something. First, let me lay out our requirements.
- This is a B2B SaaS app. So we sell to other businesses and their users can log in to use the app.
- There is a self serve flow for new businesses to onboard without any intervention from us. Users may sign up/authenticate without being part of an organization, but must create one before continuing.
- Users should only belong to at most 1 organization (their current employer). So if they do belong to an organization, they should be automatically logged into it. If we do support multiple org membership in the future, they should still never be allowed to log in as āindividualsā.
Problem:
If I select āBusiness Usersā, number 2 breaks. When a new user signs up they get this error.
But what I really want is for them to be signed in and prompted to create a new organization. We have this flow built out already.
If I instead select āBothā, number 3 above breaks. Users can sign in without an org and I can show them the prompt to create a new org. But then they get prompted to log in as individuals or the org, when we really only want to allow authenticating under the org:
Example
Slack is mentioned as an example under āBusiness Usersā, but thatās not quite true. Slack actually has the exact flow Iām interested in. If you sign up as a new user, youāre prompted to create a workspace:
If instead you sign up as a user with only one workspace membership, it logs you right into that workspace:
Sorry for the long post, just wanted to provide as much context as possible. Let me know if thereās a way to configure this flow with this new feature set, otherwise Iāll bring back the workaround where you fetch the userās org memberships and do silent re-auth.
1 Like
Hi @igillis! Good eye on the release catch.
Youāre correct in your assessment of current capabilities. However, weāre scoping out what self service organization creation and sign up should look like as a future roadmap item.
Iāll send you a DM about setting up a time to chat if youāre interested.
1 Like
Sure, that would be great
Hi @sam.frank
We like the new implementation. But thereās one thing we want to know how to make it work.
Currently in our use case we only allow users to sign up through an invitation. The thing is that with the āPrompt for credentialsā option selected we get the regular sign in page, which is fine.
But that page shows the āDonāt have an account? Sign upā link and it allows users to sign up to the app which is not what we want. I tried the āDisable Sign Upsā in the connection which makes it go away. But it introduces another problem. It doesnāt allow users to sign up through an invitation, the invitation page works but when I input the password for the new user, it tells you incorrect password/username which is not the case since the user doesnāt even exist.
Any thought for this?
Hello Adam, would you mind providing an update on the status of point 3 (HRD for Organizations)? My company has a use case that would benefit greatly from this feature.
Single Sign - On: Single Sign-On (SSO) is a mechanism that allows users to access multiple applications with a single set of login credentials (such as username and password). Instead of requiring users to remember and manage separate credentials for each application, SSO enables them to authenticate once and gain access to all authorized resources seamlessly.
Credits: https://www.infisign.io/post/how-does-single-sign-on-sso-work