You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
You already have an Auth0 solution that leverages the Lock widget to facilitate logon
You utilize the Home Realm Discovery feature to build a slick auth experience for users who have their own Enterprise IdP like Azure AD
For those users that don't bring their own IdP you want to be able to place them in separate database connections
Perhaps by e-mail domain or some other arbitrary rule
Problem
Unfortunately today the Lock Widget does not support a Home Realm Discovery experience for Database users. I can see why that might be.
Database connections support a number of different permutations that don't all lend themselves naturally to HRD and so you'd probably need to invest a reasonable amount of time and resources into making that work.
But many of your customers (myself included) would probably not have such open requirements.
We might be able to determine connection name from:
A naming convention (by e-mail domain for example)
An API request
etc
Proposal
From a layman's perspective HRD in Auth0 could be summarized as
"Given a username and some context resolve the name of the connection you'd like to authenticate against"
Could you build an extensibility point into the Lock widget that allows us to inject our own logic here?
Something similar to the below...
// This is hand written and probably contains all manner of syntax errors - be nice :Pvarlock=newAuth0Lock(client,domain,options)lock.show({icon: 'foo.png',callbackURL: '/callback',responseType: 'code',connectionResolver: function(username,context){vardomain=username.split("@")[1];varchosenConnection=context.connections.find(c=>c.domains.indexOf(domain)>=0);// or perhaps...varchosenConnection=context.connections.find(c=>c.name==domain);// Promises to support alternative async scenariosreturnPromise.resolve(chosenConnection.name);}});
Is this an area you would be interested in exploring further?
The text was updated successfully, but these errors were encountered:
Scenario:
Problem
Unfortunately today the Lock Widget does not support a Home Realm Discovery experience for Database users. I can see why that might be.
Database connections support a number of different permutations that don't all lend themselves naturally to HRD and so you'd probably need to invest a reasonable amount of time and resources into making that work.
But many of your customers (myself included) would probably not have such open requirements.
We might be able to determine connection name from:
Proposal
From a layman's perspective HRD in Auth0 could be summarized as
Could you build an extensibility point into the Lock widget that allows us to inject our own logic here?
Something similar to the below...
Is this an area you would be interested in exploring further?
The text was updated successfully, but these errors were encountered: