SSO using custom domain providers

Hi, I am trying to implement SSO login for a B2B SaaS company. What I want to do, other than social logins, is to ask the user for an email address and then match the domain using the end point of that email to already defined email end points in connections like Google Workspace, Microsoft Azure ADFS or custom-defined connections that we can configure using SAML or OpenID Connect, and redirect them to the email domain provider to sign in for authentication.
Do you have any functionality where I can define such email domain endpoints on those connections, so that your system automatically detects the end point of the user-entered email and then continues to that email domain provider for login? Here the email domain provider can be any of the generally available ones like Google or Microsoft, or any custom email domain provider configured through SAML or OpenID (let's say someone@example.com; here, detect example.com's email domain provider, which is, let's say, Google, so take him to Google for login). After that, the user will sign in to the domain provider with their email and password. And when he signs in successfully, then authenticate the user back on my system using that identity.

What you are asking for wouldn’t work, unfortunately. I have an email address that ends in @joe-garcia.com but is also my Google account because I signed up for the Business licensing. So expecting @gmail.com does not include those situations.

Regardless, what you’re looking for is an Identity Provider, such as CyberArk Identity (Workforce Identity and Access Management (IAM) | CyberArk) which can provide you with the means to support SAML, OIDC, OAuth2, and more that are used for SSO. You can find more information at the link I provided and, if interested, you can request a demonstration to further dive into the possibilities.

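The routing discussed in this thread, sketched as an added example that is not from either poster or from any vendor's product: because an email domain alone does not reveal who hosts it, the domain-to-connection table is explicit administrator configuration, and the identity the provider returns is accepted only for domains assigned to that connection. The connection names, the sample domains and all function names are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Connection:
    name: str           # hypothetical connection identifier
    protocol: str       # "oidc" or "saml"
    domains: frozenset  # email domains an admin explicitly assigned to this connection

# Constructed sample configuration (assumption, not real tenants).
CONNECTIONS = [
    Connection("acme-google-workspace", "oidc", frozenset({"example.com"})),
    Connection("contoso-adfs", "saml", frozenset({"contoso.example"})),
]

def email_domain(email):
    """Return the normalized domain of an email address, or None if malformed."""
    local, sep, domain = email.strip().rpartition("@")
    domain = domain.rstrip(".").lower()
    if not sep or not local or "@" in local or not domain:
        return None
    try:
        # IDNA-encode so Unicode and ASCII spellings of a domain compare equal.
        return domain.encode("idna").decode("ascii")
    except UnicodeError:
        return None

def build_index(connections):
    """Map each configured domain to its connection; refuse ambiguous routing."""
    index = {}
    for conn in connections:
        for domain in conn.domains:
            if domain in index:
                raise ValueError(f"domain {domain!r} is claimed by two connections")
            index[domain] = conn
    return index

def discover(email, index):
    """Connection to redirect to; None means show the default login options."""
    return index.get(email_domain(email))

def accept_identity(conn, asserted_email):
    """After the provider returns, accept only identities in the connection's own domains."""
    return email_domain(asserted_email) in conn.domains
```

The `accept_identity` check matters in a multi-tenant B2B setup: without it, one customer's identity provider could assert an email address belonging to another customer's domain.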