We’ve been using login_hint in our Swift iOS app for the past month or two without any issues. When a user logs in via SAML (Okta), we capture and store their email. On subsequent logins, we pre-populate the login_hint parameter with that email, and until recently, this reliably redirected them to Okta as expected.
However, recently (unknown time start - est last day or two), this behavior changed. Now, when we pass the login_hint with the SAML email, the user is incorrectly sent to the universal login’s username/password screen instead of being redirected to Okta. If the user taps “Back” and then goes through the regular login flow manually, everything works correctly—they enter their email and are routed to Okta as expected.
Nothing has changed on our end as far as we know. Has there been a recent update to how login_hint is handled, or is there something else we should be looking into?
As far as I know, there haven’t been any recent updates to how the login_hint is handled or to the Auth0 Swift SDK.
I just tested this flow on my end by going to my /authorize endpoint in the browser, and I got the login_hint parameter to populate the email field as expected using a SAML connection.
Just to clarify, are you also specifying the connection query parameter in your request?
If not, it might help to include both connection and login_hint query parameters to send the user to log in using their SAML credentials.
I have tried restoring an old version of the application in which the flow used to workand this flow still doesn’t work, so it must be something on the server side
Yes, if a connection parameter is not specified, it will redirect to the U/P flow. On that page, if the login_hint is passed and the SAML connection is displayed as a button, the user can click that button, and the email address will populate downstream.
Can you see if the login_hint works in a regular browser?