Multi tenant application

I have the following use case.
I have several organizations that want to use my application (spa). The owners of these organizations must be able to register a new organization by email. Once the email has been verified and the organization has been unlocked, the owner must be able to create new users for their own organization. the username and password can be chosen freely by the owner (no email, eg Callagent1, Bob, etc.). The newly created users can now log in with the help of organization id, username and password.

how can i realize this with the help of your product? which steps do I have to take?

Hi Unkis,
Have you got the answer for this question?I am also looking for same thing.

No, unfortunately no

Hi @Unkis @NAMRATA

The organization registration can be treated as a group. When a user registers an organization, the group will be created in your Okta tenant and he will assigned as a group administrator.

Group administrators are allowed, as mentioned here, to create and manage users that are in the group they are administrating.

By default, the username needs to be in the format of an email. To remove this restriction, you can go in Okta administrative panel to Directory/Users >> Profile Editor >> select “Okta” from sidebar >> Profile >> click on the information icon for Username >> change “Format restrictions” to “None”.

If you do not see the “Format restrictions” section, it means that the self service registration option has been enabled for your account. You will need to have it disabled in order to remove the email format restriction.

To remove the restriction, please send an email to and ask for the features SELF_SERVICE_REGISTRATION and UD_MAP_FIELD_TO_LOGIN to be disabled.

This operation consists of two main operations:

  • authenticate the user using the username and password
  • if authentication is successful, check the organization id provided by the user against the group he is part of (if they match, the user should be allowed access)