Home Realm Discovery not detecting email domain and redirecting to correct IdP

Problem statement

We are using home realm discovery to redirect users to the appropriate IdP, depending on their email domain. This approach works for many of our connections. However, for one domain, it does not redirect and instead goes directly to a username/password page.

Cause

  • The cause of this issue was the use of the same Identity Provider domain for two different connections that were enabled for the same application. In this scenario, the user expected to be redirected to a Google login page, but instead, they were being redirected to an ADFS connection login page, which appeared unfamiliar to those users.

Solution

To address this problem while maintaining the same email domain, we recommend disabling the connection you do not intend to use for each of your applications.