How to route the user to the right organization?
In a classic B2B scenario, users have to be routed to the right organization to complete the login flow.
There are different ways to route the user to their organization to log in:
Automatically (based on login name):
- If the user already exists, ZITADEL will redirect the user to the right organization to log in. ZITADEL selects the user's organization as soon as they enter their login name.
  If the user tries to log in using their email, and that email exists in more than 1 organization, an error message will be displayed. In this case, the user will have to use the username to log in.
- If the user does not exist, for example, for external IDP users, you can enable Domain Discovery, which will allow the user to log in with their IDP:
  - Enable domain discovery for that organization:
    - Organization Settings -> Login Behavior and Security
  - Add the domain as a verified domain for that organization:
    - Organization Settings -> Verified domains
Force organization membership:
- You can pass the following scope in the auth request to force login to a specific organization:
urn:zitadel:iam:org:id:<ORG_ID>
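
An added example (not taken from the ZITADEL documentation) of an authorization code + PKCE request that carries this scope. The instance domain, client ID and redirect URI are placeholders, and the character whitelist for the organization ID is an assumption used to keep a tenant-supplied value from adding extra scopes.

```python
import base64
import hashlib
import re
import secrets
from urllib.parse import urlencode

# Placeholder values for illustration; replace with your instance and application.
ISSUER = "https://example.zitadel.cloud"           # hypothetical instance domain
CLIENT_ID = "CLIENT_ID_PLACEHOLDER"                # hypothetical application client ID
REDIRECT_URI = "https://app.example.com/callback"  # hypothetical redirect URI

ORG_SCOPE_PREFIX = "urn:zitadel:iam:org:id:"


def org_scope(org_id: str) -> str:
    """Return the reserved scope that forces login to one organization."""
    # Assumed ID format: scopes are space-separated, so any whitespace in a
    # tenant-supplied value would append extra scopes to the request.
    if not re.fullmatch(r"[A-Za-z0-9_-]+", org_id):
        raise ValueError("invalid organization id")
    return ORG_SCOPE_PREFIX + org_id


def build_auth_request(org_id: str) -> dict:
    """Build an authorization request restricted to the given organization."""
    verifier = secrets.token_urlsafe(48)  # PKCE code verifier (64 characters)
    challenge = base64.urlsafe_b64encode(
        hashlib.sha256(verifier.encode()).digest()
    ).rstrip(b"=").decode()
    state = secrets.token_urlsafe(16)     # compared again on the callback
    params = {
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "response_type": "code",
        "scope": " ".join(["openid", "profile", "email", org_scope(org_id)]),
        "state": state,
        "code_challenge": challenge,
        "code_challenge_method": "S256",
    }
    url = f"{ISSUER}/oauth/v2/authorize?{urlencode(params)}"
    # Keep state and code_verifier in the server-side session for the callback.
    return {"url": url, "state": state, "code_verifier": verifier}
```
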
Reference: