Skip to content
Visit Kinde’s marketing website Kinde Docs
  • Auth and access
  • Enterprise connections

About enterprise connections

Enterprise authentication is a common method for managing user access to systems in large organizations.

Kinde supports a number of enterprise connection types, including:

Provisioning for enterprise connections

Link to this section

Kinde offer a number of provisioning options for enterprise connections, including just in time (JIT) provisioning and pre-provisioning options.

See Provisioning users with enterprise connections

Enterprise connections for B2B businesses

Link to this section

Many businesses have businesses for customers (B2B), and use Kinde organizations to manage authentication and access. Kinde lets you set a number of enterprise authentication features at the organization level, see Enterprise authentication for B2B.

Routing in enterprise connections

Link to this section

When users sign up via an enterprise connection with single-sign-on (SSO), they are routed to the identity provider (IdP) for identity verification. Here’s how this happens.

The sign in button on the auth page

Link to this section

When you set up an enterprise connection in Kinde, the SSO button on the authentication page gets linked to the IdP by default, similar to how you see a Google or Facebook sign-in option.

This is fine if you only have one connection, but is not ideal if you have multiple connections and you don’t want to show multiple SSO buttons to all users.

To avoid this, you can use home realm discovery (below).

Home realm discovery

Link to this section

Home realm discovery routes users based on their email domain. So when a users enter their email and selects the SSO button, they are routed to their IdP based on the email domain, to authenticate. For example if the user enters chris@acme.com Kinde checks which IdP uses the acme.com domain and sends Chris there to authenticate.

Note that this feature has nothing to do with security or access control and everything to do with routing. Do not confuse this feature with access restrictions for domain allowlists.

Learn more about home realm discovery.

Related articles

Useful links

  • Join the community

    Get support from the Kinde team and expert users in the Kinde community

    Join via Slack or Discord

  • Contact support

    Chat to support through the Kinde help widget, or send a question via email

    Send an email