Whitelabeling login urls

In our auth0 tenant we have created a custom domain that is login.stage.ourDomain.ai and that is working as intended. We are now exploring options for white-labeling our login url’s for our enterprise customers but are restricted by the limit of 1 custom domain per tenant despite being on the professional plan. As such we have take steps on our end to create a wildcard subdomain *. login.stage.ourDomain.ai and pointed it at the same cname record as our base custom domain. However when we route users to this login page we get a blank page with “This site cannot be reached” and “DNS_PROBE_FINISHED_NXDOMAIN”. How can we support white-labeling our login urls within one tenant if we are unable to register more than 1 custom domain or point our wildcard domain at our registered custom domain?

Hi @alindelbert

Welcome to the Auth0 Community!

Unfortunately, regardless of plan, you are allowed only a single custom domain per tenant. Such an implementation would require a multi-tenant approach. As I have mentioned previously in this community post:

Unfortunately, there is no out-of-the-box solution regarding implementing a White-Label-Authentication for your users using Auth0 since that level of branding is tenant-wide. That means you would need a multi-tenant environment to handle such a feature. As far as I am concerned, in order for you to accomplish this use case, you would need to be under an Enterprise plan since an Essentials or Professional plan are quite limited. Otherwise, you would need to come up with your own implementation in order to achieve this however you might reach certain limitations or problems.

If you want to know more about a multi-tenant approach, I would advise you to review this community post regarding the matter: Whitelabel within multi tenancy

You can also read more about Embedded login here: Centralized Universal Login vs. Embedded Login

If you have any other questions regarding the matter, feel free to leave a reply and let me know!

Kind Regards,
Nik

So does this mean in order to simply brand a customer login screens, emails and login url I will have to essentially copy all of the other configurations I do from one tenant to another? The application, database connections, triggers, email templates, ect, ect…

Or is there a way to create a semi-shared multi-tenant environment? Or I suppose copy a tenant?

The only org based branding available is the logo, primary color, and background color?

And there is no allowance for creating further subdomains on top of our custom domain to such that we could have customerOne.login.stage.ourDomain.ai, customerTwo.login.stage.ourDomain.ai ect?

Hi again.

If you require to copy and import configuration from one tenant to another, you can use tools us as Terraform. You would need to configure your tenants in order to handle the white labeling feature, in order to provide a customized login URL for the users. Of course, this would be a custom implementation of the feature since Auth0 does not support white labeling out-of-the-box.

For the organization brandings, the ones you mentioned above would be the only ones available.

Regarding subdomains, you can manage subdomains via your DNS configurations and the provider, this is not something that is or can be done implicitly via Auth0.

If you have any other questions on the matter, let me know!

Kind Regards,
Nik

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.