Create B2B journeys

Mosaic Journeys allow organization admins to fully customize the onboarding and login experiences of B2B members by defining invitation and login flows that feel seamless to the end-user and are tailored to their membership in the organization. By introducing the org context, B2B journeys give you full control over how members are onboarded or authenticated.

How it works

Inviting B2B members:

  1. The organization admin adds a member in the Organization portal.
  2. The admin sends an invitation email containing a magic link.
  3. When the member clicks the link, the invite journey is triggered. The journey call includes both the user identifier and the org context.
  4. The member is onboarded via SSO Service.
  5. After successful onboarding and authentication, the member is redirected to the page configured in the application settings.

Logging in B2B members:

  1. The member navigates to the app login page that triggers the SSO login journey for B2B.
  2. Upon obtaining the org context, the journey proceeds to authentication. For enhanced user experience, it can check if a valid SSO session exists to allow members to log in without needing to re-enter their credentials.
  3. After successful authentication, the member is redirected to the app.

Before you start

This B2B tutorial is built on top of more versatile Mosaic configuration steps. To implement B2B invite and login journeys, make sure the following prerequisites are in place:

  • You have at least one organization set up in Mosaic (Step 1 in the Login members into B2B apps guide).
  • You have an application configured to support B2B authentication and connected to an organization. Your application should also specify Application URI for inviting members (Steps 2, 3, and 4 in the Log in members into B2B apps guide).
  • You have completed the basic SSO setup. See Configure SSO Service.

Step 1: Set up SSO Service to support B2B

Start by specifying which journeys the SSO Service should execute for your B2B member invite and login flows.

  1. Navigate to SSO and Federation > Configuration, then expand the B2B configuration section. In the B2B invite journey field, select + Create new journey and provide a nameMosaic will create a blank SSO journey automatically. This journey will be triggered when a person clicks on the magic link in the email.
  2. Navigate to SSO and Federation > Configuration > Client groups, drill-down to the client group. In the Journey section, select + Create new journey and provide a nameMosaic will create a blank SSO journey automatically. This journey will be triggered when a member wants to log in to the app.

Step 2: Build B2B invite journey

The B2B invite journey runs when an end-user clicks the invitation link to join the organization. To onboard the member to the right organization, this journey uses the org context retrieved from the invite link. Within this journey, the new member is onboarded through SSO service and, depending on the journey logic, may also be logged in.

Navigate to B2B Identity > Journeys and locate the invite journey you've created in Step 1. Start building the journey, for example, add the following steps:

  1. Collect information step: Welcomes a member to the organization (specified using @organizations.current().name expression), then collects user details, such as name and date of birth.
  2. Register a passkey step: Registers passkey credentials for WebAuthn-based biometric authentication.
  3. Display information step: Confirms that the member completed onboarding.
B2B invite journey example
Click to open the image in a dedicated tab.

Step 3: Build B2B login journey

The B2B login journey runs when an end-user wants to log in to the app associated with an organization. To customize login experience, this journey uses the org context retrieved from user's input.

Navigate to B2B Identity > Journeys and locate the login journey you've created in Step 1. Start building the journey, for example, add the following steps:

  1. Collect information step: Prompts the member to enter their email and saves it in the outpt variable.
  2. Select organization step: Retrieves membership details for the user and sets the org context.
  3. Login form step: Presents available login methods to the member, for example, passkey authentication. Keep the Auth Methods by Org field set to default to leverage the organization specified in a previous step.
  4. Passkey authentication step: Handles authentication with WebAuthn credentials. Keep the Org context field set to default to leverage the organization specified earlier in the journey.
B2B invite journey example
Click to open the image in a dedicated tab.

Test: Invite members

Organization admins invite members from the Members page in the Organization Admin Portal. To invite:

  1. Add the member using email or phone.
  2. Assign the role Organization member.
  3. Choose Send invitation to user.

This sends an email with a magic link that includes the org context. The invite journey begins when the user clicks it.