How to configure an authentication flow to allow redirection based on email domain?

p2-inc / keycloak-orgs

Single realm, multi-tenancy for SaaS apps

Other

367 stars 65 forks source link

How to configure an authentication flow to allow redirection based on email domain? #68

Closed matheushent closed 1 year ago

matheushent commented 1 year ago

Hello. First, awesome work throughout this project.

The documentation states that it is possible to configure an authentication flow in which the users input an email and then Keycloak will check out which organization has the domain verified.

Which are the steps in the authentication flow that enable this behavior indeed?

xgp commented 1 year ago

Hi @matheushent . Thanks for raising this. That's currently a hole in the documentation. We did a blog post a while back on the setup https://phasetwo.io/blog/sso-setup. I apologize if the pace is a bit fast to follow (a criticism we received). The authentication flow section of the video starts here https://www.youtube.com/watch?v=wAeT07JGhOI&t=130s

matheushent commented 1 year ago

Very nice video. Can you provide the source code used for testing the frontend?

xgp commented 1 year ago

https://github.com/p2-inc/debug-app

It's in the frontend/ folder.

matheushent commented 1 year ago

I appreciate the help, thank you very much!