Enable Organization Connections

Enable Organization Connections

Each organization can have specific connections enabled, which represent the login options you can offer your users for that organization. To enable a connection for an organization, you must have already created the connection in your tenant. Available connections include database connections, social connections, and enterprise connections.

You can enable connections for organizations using either the Auth0 Dashboard or the Management API.

Auth0 Dashboard

To enable a connection via the Auth0 Dashboard:

  1. Navigate to Auth0 Dashboard > Organizations, and select the organization for which you want to configure connections.

  2. Select the Connections view, and select Enable Connections.

  3. Select the connection you want to enable, and select Enable Connection.

  4. Locate Membership On Authentication, and choose whether to enable or disable auto-membership which will allow all users logging in with the connection to automatically be added as members of the organization.

  5. Select Save.

Management API

To enable a connection via the Management API:

Make a POST call to the Create Organization Connections endpoint. Be sure to replace ORG_ID, MGMT_API_ACCESS_TOKEN, CONNECTION_ID, and JIT_MEMBERSHIP_VALUE placeholder values with your organization ID, Management API Access Token, and connection ID, respectively.


curl --request POST \
  --url https://your_auth0_domain/api/v2/organizations/ORG_ID/enabled_connections \
  --header 'authorization: Bearer MGMT_API_ACCESS_TOKEN' \
  --header 'cache-control: no-cache' \
  --header 'content-type: application/json' \
  --data '{ "connection_id": "CONNECTION_ID", "assign_membership_on_login": "JIT_MEMBERSHIP_VALUE" }'

Was this helpful?

/
var client = new RestClient("https://your_auth0_domain/api/v2/organizations/ORG_ID/enabled_connections");
var request = new RestRequest(Method.POST);
request.AddHeader("content-type", "application/json");
request.AddHeader("authorization", "Bearer MGMT_API_ACCESS_TOKEN");
request.AddHeader("cache-control", "no-cache");
request.AddParameter("application/json", "{ \"connection_id\": \"CONNECTION_ID\", \"assign_membership_on_login\": \"JIT_MEMBERSHIP_VALUE\" }", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);

Was this helpful?

/
package main

import (
	"fmt"
	"strings"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "https://your_auth0_domain/api/v2/organizations/ORG_ID/enabled_connections"

	payload := strings.NewReader("{ \"connection_id\": \"CONNECTION_ID\", \"assign_membership_on_login\": \"JIT_MEMBERSHIP_VALUE\" }")

	req, _ := http.NewRequest("POST", url, payload)

	req.Header.Add("content-type", "application/json")
	req.Header.Add("authorization", "Bearer MGMT_API_ACCESS_TOKEN")
	req.Header.Add("cache-control", "no-cache")

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

Was this helpful?

/
HttpResponse<String> response = Unirest.post("https://your_auth0_domain/api/v2/organizations/ORG_ID/enabled_connections")
  .header("content-type", "application/json")
  .header("authorization", "Bearer MGMT_API_ACCESS_TOKEN")
  .header("cache-control", "no-cache")
  .body("{ \"connection_id\": \"CONNECTION_ID\", \"assign_membership_on_login\": \"JIT_MEMBERSHIP_VALUE\" }")
  .asString();

Was this helpful?

/
var axios = require("axios").default;

var options = {
  method: 'POST',
  url: 'https://your_auth0_domain/api/v2/organizations/ORG_ID/enabled_connections',
  headers: {
    'content-type': 'application/json',
    authorization: 'Bearer MGMT_API_ACCESS_TOKEN',
    'cache-control': 'no-cache'
  },
  data: {
    connection_id: 'CONNECTION_ID',
    assign_membership_on_login: 'JIT_MEMBERSHIP_VALUE'
  }
};

axios.request(options).then(function (response) {
  console.log(response.data);
}).catch(function (error) {
  console.error(error);
});

Was this helpful?

/
#import <Foundation/Foundation.h>

NSDictionary *headers = @{ @"content-type": @"application/json",
                           @"authorization": @"Bearer MGMT_API_ACCESS_TOKEN",
                           @"cache-control": @"no-cache" };
NSDictionary *parameters = @{ @"connection_id": @"CONNECTION_ID",
                              @"assign_membership_on_login": @"JIT_MEMBERSHIP_VALUE" };

NSData *postData = [NSJSONSerialization dataWithJSONObject:parameters options:0 error:nil];

NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:@"https://your_auth0_domain/api/v2/organizations/ORG_ID/enabled_connections"]
                                                       cachePolicy:NSURLRequestUseProtocolCachePolicy
                                                   timeoutInterval:10.0];
[request setHTTPMethod:@"POST"];
[request setAllHTTPHeaderFields:headers];
[request setHTTPBody:postData];

NSURLSession *session = [NSURLSession sharedSession];
NSURLSessionDataTask *dataTask = [session dataTaskWithRequest:request
                                            completionHandler:^(NSData *data, NSURLResponse *response, NSError *error) {
                                                if (error) {
                                                    NSLog(@"%@", error);
                                                } else {
                                                    NSHTTPURLResponse *httpResponse = (NSHTTPURLResponse *) response;
                                                    NSLog(@"%@", httpResponse);
                                                }
                                            }];
[dataTask resume];

Was this helpful?

/
$curl = curl_init();

curl_setopt_array($curl, [
  CURLOPT_URL => "https://your_auth0_domain/api/v2/organizations/ORG_ID/enabled_connections",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "POST",
  CURLOPT_POSTFIELDS => "{ \"connection_id\": \"CONNECTION_ID\", \"assign_membership_on_login\": \"JIT_MEMBERSHIP_VALUE\" }",
  CURLOPT_HTTPHEADER => [
    "authorization: Bearer MGMT_API_ACCESS_TOKEN",
    "cache-control: no-cache",
    "content-type: application/json"
  ],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
  echo "cURL Error #:" . $err;
} else {
  echo $response;
}

Was this helpful?

/
import http.client

conn = http.client.HTTPSConnection("your_auth0_domain")

payload = "{ \"connection_id\": \"CONNECTION_ID\", \"assign_membership_on_login\": \"JIT_MEMBERSHIP_VALUE\" }"

headers = {
    'content-type': "application/json",
    'authorization': "Bearer MGMT_API_ACCESS_TOKEN",
    'cache-control': "no-cache"
    }

conn.request("POST", "/api/v2/organizations/ORG_ID/enabled_connections", payload, headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))

Was this helpful?

/
require 'uri'
require 'net/http'
require 'openssl'

url = URI("https://your_auth0_domain/api/v2/organizations/ORG_ID/enabled_connections")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE

request = Net::HTTP::Post.new(url)
request["content-type"] = 'application/json'
request["authorization"] = 'Bearer MGMT_API_ACCESS_TOKEN'
request["cache-control"] = 'no-cache'
request.body = "{ \"connection_id\": \"CONNECTION_ID\", \"assign_membership_on_login\": \"JIT_MEMBERSHIP_VALUE\" }"

response = http.request(request)
puts response.read_body

Was this helpful?

/
import Foundation

let headers = [
  "content-type": "application/json",
  "authorization": "Bearer MGMT_API_ACCESS_TOKEN",
  "cache-control": "no-cache"
]
let parameters = [
  "connection_id": "CONNECTION_ID",
  "assign_membership_on_login": "JIT_MEMBERSHIP_VALUE"
] as [String : Any]

let postData = JSONSerialization.data(withJSONObject: parameters, options: [])

let request = NSMutableURLRequest(url: NSURL(string: "https://your_auth0_domain/api/v2/organizations/ORG_ID/enabled_connections")! as URL,
                                        cachePolicy: .useProtocolCachePolicy,
                                    timeoutInterval: 10.0)
request.httpMethod = "POST"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data

let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
  if (error != nil) {
    print(error)
  } else {
    let httpResponse = response as? HTTPURLResponse
    print(httpResponse)
  }
})

dataTask.resume()

Was this helpful?

/

Value Description
ORG_ID ID of the organization for which you want to enable a connection.
MGMT_API_ACCESS_TOKEN Access Token for the Management API with the scope create:organization_connections.
CONNECTION_ID ID of the connection you want to enable for the specified organization.
JIT_MEMBERSHIP_VALUE Indicates whether you want users that log in with this connection to automatically be granted membership in the organization. When set to true, users will automatically be granted membership. When set to false, they will not automatically be granted membership.

Response status codes

Possible response status codes are as follows:

Status code Error code Message Cause
201 Connection successfully added to organization.
401 Invalid token.
401 Invalid signature received for JSON Web Token validation.
401 Client is not global.
403 insufficient_scope Insufficient scope; expected any of: create:organizations_connections. Tried to read/write a field that is not allowed with provided bearer token scopes.
429 Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers.