Feature: Parameterized Default Login URL.
Description: I suspect this may present a significant security challenge but it would be useful if it were possible to pass through query string parameters in the the app / tenant Default Login URL.
Use-case: a user visits a stale bookmark that looks something like:
https://sso.example.com/login?state=[STALE STATE]
&client=[CLIENT_ID]&protocol=oauth2&audience=[AUDIENCE]
&redirect_uri=[CALLBACK]&scope=[SCOPE]&response_type=code
&language=en-ca
the language
parameter isn’t a standard parameter in the call to /login
. The developer probably wants to be able to pass that along as the user is redirect back to the login with a fresh state parameter.