About Kinde authentication
Auth and access
You need to be on a Scale plan to get authentication control at the organization level.
Enterprise connections are common for B2B setups where each business customer is represented as an organization in Kinde, and that organization is linked to one or more connections. There are two different ways to scope an enterprise connection and restrict it to the organization level.
org_code
is passed to Kinde as part of the authentication url, the correct sign-in options are shown.This behaviour is domain-agnostic and is purely concerned with the connection being used.
The easiest way to restrict an enterprise connection to an organization, is to add the connection to the organization and not create it as a shared connection (at the environment level). To do this, follow the relevant procedure for adding a connection in the relevant topic.
To manage organization access, you can set policies that restrict access to a list of allowed domains. You can also enable just-in-time (JIT) provisioning via allowed domains.
Here’s what happens:
org_code
is passed to Kinde as part of the authentication url, the correct sign-in option is shown.If both enterprise connection and domain restrictions are in place, both checks must be successful.