Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Zitadel could be amazing, but as far as I can tell they don’t allow using your own UI screens, and it’s not obvious to me how you’d build a multi tenant SSO feature. They have the concept of organizations, but it’s not obvious to me how you’d route a user to the right login.


You can enable Domain Discovery to route users to the correct organization. Or you send a reserved scope with the auth request to select the organization. Building an own Login UI will be available in a couple of weeks (https://github.com/zitadel/zitadel/issues/5015)


Organizations are tied to domains, but yeah, that part is more confusing than the rest...

Instance also has a domain on top of that, but there are plans for a "simple" mode, assuming single org.


I mean nothing wrong with using a domain for routing, but I think most SaaSes would rather have a routing based on the email address.


That's basically what it does. You can activate Domain Discovery and verify a Domain on an organization, with that zitadel routes users to the organization based on the suffix (ie. email domain)


Thanks for clarifying, I must have missed it in the docs. If you see this comment, I'm wondering if this discovery functionality will also be customizable when the custom UI screens feature gets added?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: