post https://{application_vanity_domain}/api/v1/tenant-discovery/find-user-tenant
Attempts to find the user's tenant based on the specified application and email. This API will search for the user's tenants using the following criteria:
- A user must exist in the tenant with an
ACTIVEstatus and a verified email matching the email from the tenant discovery request. Or, the domain of the email from the request must match one of the tenant's discovery email domains. - The tenant must have an
ACTIVEstatus. - The tenant can't be of type
GLOBAL.
Depending on the number of tenants found for the given email and application, one of the following operations will be performed.
- If no tenants are found, then a 404 response is returned with a
tenant_not_founderror code. - If exactly one tenant is found, then this API will return a
TENANT_FOUNDresult with a redirect URL pointing towards the tenant's login URL. - If more than one tenant is found, this API will send a tenant discovery email containing either a verification link or a verification code to the specified email address, allowing the user to view the tenants they belong to.
Required Permissions
Below is the list of required permissions needed to interact with this API. For each permission, the allowed permission boundaries are also specified.
| Permission | Boundary | Description |
|---|---|---|
| tenant-discovery-workflow:execute | Application | The subject can perform this operation for requests associated with the application to which the subject belongs. |