Hi! I have a SAML2 application and I am using the SAML Identity Provider Login URL to initiate login. I’ve tried using the login_hint query parameter to pass the email but the prefill is not working. So my question is: Is it not supported for SAML2? If not, is there any other way to do it?
Welcome to the Auth0 Community!
It is possible to make the prefill work using the login_hint parameter. It only works with the New Universal Login experience using Identifier First as the Authentication Profile.
The following knowledge solution should help you solve the issue:
Please let me know if you have any further questions.
Thanks,
Tudor.
Hi, thanks for your answer but I am still uncertain if this is going to work for me. I have a web app with the SAML2 addon enabled, so in this case I am using Auth0 as an IdP. Can an Enterprise SAML connection work with an Auth0 IdP?
This should work for you. Your users should be redirected to Auth0 to log in, and Auth0 will authenticate them.
Thanks,
Tudor
Ok so I’ve configured an enterprise SAML connection (with the custom SAML request template) and added that to my Regular Web Application. I’ve also set Identifier First in the Authentication Profile. I tried to request the login URL with the SAML connection parameter and the login_hint parameter but the email field now shows “@@LoginHint@@” so I guess the login_hint parameter is not translating to “@@LoginHint@@”. Any ideas??
@vinicius.freitas I’m wondering if you were able to solve this? I have exactly the same issue with enabling the SAML Add-on for an application, providing login_hint to the SAML IDP, but it just strips the parameter when redirecting to /u/login and does not prefill the email address.
Or if anyone else can assist…
I have a very standard Application with the SAML Addon enabled to act as a SAML IDP.
The login_hint is definitely being provided to the endpoint defined in the SAML metadata (as provided to the SP), however this is simply being thrown away by the redirection, and the email address is not prefilled.
https://CUSTOM_DOMAIN/samlp/ID?SAMLRequest=SAML_REQUEST&RelayState=RELAY_STATE&login_hint=EMAIL_ADDRESS
(HTTP 302) →
/u/login/identifier?state=STATE
I have searched for hours to find an answer to this with no luck… hope someone has solved this already because it seems like such a basic and obvious feature which should “just work”.
