Introduction

This article will show how we can use the functionality of the tenant select component and explore its application within a flow. Using the tenant select component, we aim to provide an understanding of how to use the tenant details once selected.

The Component

Create a new screen inside a flow, and search for "Select Tenant":

tenant select component in Descope screen.

Implementing Tenant Selection In A Descope Flows

Flow Overview

This following flow lets an administrator select a tenant that he is associated to, and triages on the tenant's name. If the name is 'test' the flow exists. Otherwise, the tenant SSO Configuration is printed to the screen:

A flow that uses tenant name in Descope.

A Closer Look At The Condition

Here is a closer look on the condition, that uses the tenant's name:

A condition based on tenant details in Descope

You can use the tenant's domain or domains and any custom attributes you define. For creating custom attributes, you can read further in this article.

Using The Selected Tenant Context Key

After selecting a tenant inside the screen, you can also query it from the context with form.userSelectedTenant:

JWT After Tenant Selection

After the tenant has been selected, the JWT will have the dct claim marking which tenant is the actively selected tenant.

{
  "amr": [
    "oauth"
  ],
  "dct": "T2JEfswIPhl9I5YipLhSLNa6VfVV",
  "drn": "DS",
  "exp": 1708620768,
  "iat": 1708620588,
  "iss": "xxxxx",
  "rexp": "2024-03-21T16:49:48Z",
  "sub": "xxxxx",
  "tenants": {
    "xxx": {},
    "T2JEfswIPhl9I5YipLhSLNa6VfVV": {},
    "xxx": {},
  }
}

Updating Tenant Information

You can also use flows in administrative ways to update tenant information and have your tenant admin use them.

Update Email Domain

The email domain field helps you automatically associate users by their email domain to that tenant. Here is how you can embed a way to change the email domain inside a flow:

Was this article helpful?Yes No