Authentication methods are not all being offered on login screen
When logging in using domain discovery, the branding/correct org is chosen when entering the email of my user. However it only allows me to login using my password after I hit the Next button. But this should let me login with configured external IdP as well, except there is no option for it?
If i enter the user, hit next and then hit the back arrow I can only see the external IdP option there.
Why is the external IdP not offered after hitting the next button during the domain discovery phase?
5 Replies
Hi @Dohvaken, I'm an AI assistant for ZITADEL. While a team member reviews this question, I'll see if I can find relevant sources for your question.
Answer
I wasn't able to find a direct answer, here are some relevant sources:
1. [Domain discovery with identity provider flow][(8) ]:
Describes that after domain discovery, users should see both external IdP options and password fields for the detected organization.
2. [Domain Discovery in ZITADEL][(1) ]:
Covers how domain discovery works and shows user journeys for different authentication methods, including external IdPs, but does not detail UI option availability after the Next button.
Feel free to tag @Ask Inkeep with additional questions.
Got it. Tagging @Rajat for additional help.
Hi again @Rajat if u could help that would be great 8)
hey @Dohvaken can you record your screen and share it here, I think i am having a bit of trouble undestanding this. Also, are you cloud or self hosted?.
@Rajat hey i cant video record as I cannot install discord on the device im working from. im on a self hosted instance.
essentially at the login screen, I enter my email and click next (note the red background change is the organization branding I set so I could see when the domain discovery worked). it asks me for a password (HOWEVER I want it to offer password and entra login).
only when I hit the back arrow does the entra login display
how do I make it so once the domain discovery works i have the option to use entra or sign in via password and not password being the default?