> ## Documentation Index
> Fetch the complete documentation index at: https://stytch.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.
# Add an org-specific login
> Build a specialized login page for a single tenant.
If you're just getting started, follow our [Quickstart](./discovery) on implementing a general login or signup.
## Overview
This guide shows you how to configure the `` component auth flow to be scoped to a specific organization. This typically means you have or plan to have org-specific routes in your app (e.g. `acme.yourapp.com` or `yourapp.com/team/acme`).
***
## Prerequisites
* [JavaScript](https://www.npmjs.com/package/@stytch/vanilla-js), [Next.js](https://www.npmjs.com/package/@stytch/nextjs), or [React](https://www.npmjs.com/package/@stytch/react) B2B SDK installed
* `public_token` from your Stytch project & environment added to your app
* Enable the Frontend SDK configuration and any relevant authentication products in the [Dashboard](https://stytch.com/dashboard/sdk-configuration).
In most cases, the Stytch UI component would be hosted at an org-specific URL (e.g. `https://yourapp.com/acme/login`).
* [See the SDK reference](#)
Having an organization-specific URL makes it more difficult to be abused for [account enumeration](#account-enumeration-risk).
If you're using a URL with the `organization_slug` (e.g. `acme` in the example above):
* Add it as an [Authorized Domain](https://stytch.com/dashboard/sdk-configuration) using an *Organization URL template.*
* Or set the `organizationSlug` param in the component `config` directly.
Configure under the component `config`:
```jsx theme={null}
authFlowType: 'Organization'
```
Specify auth methods under the `config`, for example:
```jsx theme={null}
products: [B2BProducts.emailMagicLinks, B2BProducts.sso],
emailMagicLinksOptions: {
loginRedirectURL: "https://example.com/login",
signupRedirectURL: "https://example.com/signup"
},
ssoOptions: {
loginRedirectURL: "https://example.com/login",
signupRedirectURL: "https://example.com/signup"
},
```
Redirect URLs determine where users are routed to complete their auth flow per method `config`. For example:
* `signupRedirectURL`: Where **new** users are routed after clicking an email magic link.
* `loginRedirectURL`: Where **existing** users are routed after clicking an email magic link.
These can be set to be the same or different URL depending if you want to redirect users differently.
Add the `` component to your redirect URL routes to handle the remainder of the authentication flow.
Upon a successful authentication, a `session_token` and `session_jwt` for the organization is stored in browser cookies or mobile storage.
You can retrieve both Session and Member data via the SDK. For example, `useStytchMemberSession()` could be used to route authenticated users to your core app experience.
***
## Account enumeration risk
An account enumeration attack is when a bad actor identifies valid users, emails, etc. through an app's auth flow to gain information about a system that can be used in further attacks.
Org-specific logins surface the organization's name and login methods. Passwords and Magic Links can further expose whether or not a user has an existing account if error messages aren't opaque enough. **Preventative measures you can take:**
* Use an organization-specific URL
* Enable opaque errors in the [Dashboard](https://stytch.com/dashboard/sdk-configuration)
* Or use the [Discovery login](/multi-tenant-auth/build-auth/discovery)
***
## Next steps
* Authentication methods
* Session management