Separate login per organization
I'm working on a multi-tenant application. I would like to allow the users to register per organization but I found a small issue.
Scenario:
1. User tries to log into App A (represented in Kinde by Organization 1) - gets info that they don't have an account and are prompted to create one
2. Users registers in App A - user registered
3. User tries to log into App B (represented by Organization 2) - instead of the behavior like in step 1 so being prompted to register, the user gets info that they don't have permissions for Organization 2
The expected UX should be that the organizations are independent. The user who has an account in Organization 1, when attempting to login to Organization 2, should be prompted that they are not registered. Unfortunately trying to log into another organization while already being registered to one, shows that the user is already registered but doesn't have permissions - this exposes information that the user is already registered elsewhere but from the users perspective there's no elsewhere - each tenant instance should be independent. This not only looks disruptive but might be considered an issue in terms of user privacy.
Interestingly, going directly to registration allows the user to register anew and the outcome is that the user is simply added to the organization. The problem lies within the login feature.
Scenario:
1. User tries to log into App A (represented in Kinde by Organization 1) - gets info that they don't have an account and are prompted to create one
2. Users registers in App A - user registered
3. User tries to log into App B (represented by Organization 2) - instead of the behavior like in step 1 so being prompted to register, the user gets info that they don't have permissions for Organization 2
The expected UX should be that the organizations are independent. The user who has an account in Organization 1, when attempting to login to Organization 2, should be prompted that they are not registered. Unfortunately trying to log into another organization while already being registered to one, shows that the user is already registered but doesn't have permissions - this exposes information that the user is already registered elsewhere but from the users perspective there's no elsewhere - each tenant instance should be independent. This not only looks disruptive but might be considered an issue in terms of user privacy.
Interestingly, going directly to registration allows the user to register anew and the outcome is that the user is simply added to the organization. The problem lies within the login feature.
