Attempts to find the user's tenant based on the specified application and email. This API will search for the user's tenants using the following criteria:

A user must exist in the tenant with an ACTIVE status and a verified email matching the email from the tenant discovery request. Or, the domain of the email from the request must match one of the tenant's discovery email domains.
The tenant must have an ACTIVE status.
The tenant can't be of type GLOBAL.

Depending on the number of tenants found for the given email and application, one of the following operations will be performed.

If no tenants are found, then a 404 response is returned with a tenant_not_found error code.
If exactly one tenant is found, then this API will return a TENANT_FOUND result with a redirect URL pointing towards the tenant's login URL.
If more than one tenant is found, this API will send a tenant discovery email containing either a verification link or a verification code to the specified email address, allowing the user to view the tenants they belong to.

Required Permissions

Below is the list of required permissions needed to interact with this API. For each permission, the allowed permission boundaries are also specified.

Permission	Boundary	Description
tenant-discovery-workflow:execute	Application	The subject can perform this operation for requests associated with the application to which the subject belongs.

200OK

400Bad Request

401Unauthorized

403Forbidden

404Not Found

405Method Not Allowed

406Not Acceptable

415Unsupported Media Type

500Internal Server Error

503Service Unavailable