• Home
  • Categories
  • Recent
  • Popular
  • Pricing
  • Contact us
  • Docs
  • Login
FusionAuth
  • Home
  • Categories
  • Recent
  • Popular
  • Pricing
  • Contact us
  • Docs
  • Login

Limit login for SAML and OIDC to a given email domain

Scheduled Pinned Locked Moved
Q&A
domain limits sso saml oidc
0
2
980
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • D
    dan
    last edited by 23 Sept 2021, 16:21

    I want to limit use of an OIDC or SAML provider to a certain domain or set of domains. For instance, I want my employees to login via a different identity provider, but my customers to login straight against FusionAuth. How can I implement this?

    --
    FusionAuth - Auth for devs, built by devs.
    https://fusionauth.io

    1 Reply Last reply Reply Quote 0
    • D
      dan
      last edited by 23 Sept 2021, 16:22

      Use the managed domains feature. From the docs:

      Adding one or more managed domains for this configuration will cause this provider not to be displayed as a button on your login page. Instead of a button the login form will first ask the user for their email address. If the user’s email address matches one of the configured domains the user will then be redirected to this login provider to complete authentication. If the user’s email address does not match one of the configured domains, the user will be prompted for a password and they will be authenticated using FusionAuth.

      Documentation:

      https://fusionauth.io/docs/v1/tech/identity-providers/samlv2/

      https://fusionauth.io/docs/v1/tech/identity-providers/openid-connect/

      --
      FusionAuth - Auth for devs, built by devs.
      https://fusionauth.io

      1 Reply Last reply Reply Quote 0
      1 out of 2
      • First post
        1/2
        Last post