currently I am using awesome Google Apps + Duo SSO for managing access to internal network to employees.
Now, we are hiring contractors, which will use domain
ext.something.com instead of
something.com. I have created a new Pritunl Organization with different routes for contractors, but I want to have same SSO 2FA security. Right now, if I add another Google Apps Domain (
ext.something.com) into Pritunl, it will use default SSO Organization.
But that is not what I need. I need to somehow force new SSO signups to use different orgs based on the domain name.
What is the best way to do that?
I would be OK manually registering people into another org, but then they would use PIN auth instead of SSO + 2FA.