Login Hint is setting password authentication be default

yarin · July 23, 2023, 12:53pm

I am using the new universal login experience.
The user lands in our page, enters his email and then redirected to auth0 universal login page.
In between we capture the sign in request, append the organization id to the request to auth0.
Then the user sees the universal login customised for his organization (tenant).
In order to save the burden of typing the email twice, I am passing “login_hint” as mentioned in the docs,
But when this parameter is used the other auth methods of the organizations (such as Okta) doesnt appear, but only “username password” method.

Why this is behaves like this and is there another way of pre-filling this input without restricting the flow?

rueben.tiow · July 24, 2023, 5:29pm

Hi @yarin,

Welcome to the Auth0 Community!

Yes, that is by design. When you pass the login_hint parameter in the login request, it will be used to populate the username/email field for the login or signup page. (Reference: New Universal Login Experience - login_hint) By default, it uses the Username-Password-Authentication database connection.

As a workaround, you could pass the login_hint, organization, and connection query parameters in your /authorize request. This will allow you to specify the connection that the user will use to log in.

For example:

https://{yourDomain}/authorize?
    response_type=code&
    client_id={yourClientId}&
    redirect_uri={https://yourApp/callback}&
    scope={scope}&
    audience={apiAudience}&
    state={state}&
    organization={org_id}&
    login_hint={user_email_address}&
    connection={yourConnection}

In summary, passing in the connection parameter in your login request will let you specify the connection the user will use to authenticate.

Please let me know if you have any questions.

Thanks,
Rueben

system · August 7, 2023, 5:29pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.