Hi, I am trying to implement SSO login for a B2B SaaS company. What I want to do, other than social logins, is to ask the user for an email address and then match the domain using the end point of that email to already defined email end points in connections like Google Workspace, Microsoft Azure ADFS or custom defined connections that we can configure using SAML or OpenID Connect, and redirect them to the email domain provider to sign in for authentication.
Do you have any functionality where I can define such email domain endpoints on those connections and your system automatically detects the end point of the user-entered email and then continues to that email domain provider for login? Here the email domain provider can be any of the generally available ones like Google, Microsoft, or any custom email domain provider configured through SAML or OpenID (let's say someone@example.com; here detect example.com's email domain provider, which is let's say Google, so take him to Google for login). After that, the user will sign in to the domain provider with their email and password. And when he signs in successfully, then authenticate the user back on my system using that identity.
Hi there! If I am understanding what you are asking, then Okta absolutely supports this flow. Take a look at this doc, which explains setting up IdP Discovery with Routing Rules:
https://help.okta.com/en/prod/Content/Topics/Security/Identity_Provider_Discovery.htm
Also this doc will be helpful in setting up Identity Providers in Okta:
https://developer.okta.com/docs/guides/add-an-external-idp/openidconnect/configure-idp-in-okta/
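
The domain-based routing discussed in this thread, sketched as an added example that is not part of either post and is not Okta's API or configuration. The routing table, connection names and function names are hypothetical. It goes one step beyond the question by also checking, after the IdP returns, that the asserted email belongs to a domain routed to that same connection, so one tenant's IdP cannot vouch for another tenant's addresses.

```python
# Added example: routing table and names are hypothetical, not Okta's API.
from typing import Optional

# Constructed sample routing table: email domain -> configured connection.
ROUTES = {
    "example.com": "google-workspace",
    "contoso.example": "azure-ad-oidc",
    "partner.example": "custom-saml",
}
DEFAULT_CONNECTION = "local-password"  # fallback when no rule matches


def email_domain(email: str) -> Optional[str]:
    """Return the normalized domain of an address, or None if malformed."""
    email = email.strip()
    if email.count("@") != 1:
        return None
    local, domain = email.split("@")
    domain = domain.rstrip(".").lower()
    if not local or not domain or "." not in domain:
        return None
    try:
        # Canonical ASCII (punycode) form, so table keys compare exactly.
        return domain.encode("idna").decode("ascii")
    except UnicodeError:
        return None


def route(email: str) -> str:
    """Pick the connection for the entered email (exact domain match only)."""
    domain = email_domain(email)
    if domain is None:
        return DEFAULT_CONNECTION
    # Exact match: a subdomain or look-alike suffix never inherits a route.
    return ROUTES.get(domain, DEFAULT_CONNECTION)


def accept_identity(connection: str, asserted_email: str) -> bool:
    """After the IdP returns, accept only emails in a domain routed to it."""
    domain = email_domain(asserted_email)
    return domain is not None and ROUTES.get(domain) == connection
```

The entered email is only a routing hint; the identity that counts is the one the IdP asserts, which is why `accept_identity` runs on the returned claim rather than on what the user typed.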