Password Login via OIDC-Conformant Clients with Externally-Hosted Login Pages is Unsupported or Initiated from the Wrong Place


An end-user inputs the correct username and password.

However, the user saw this error screen.

Error message:

access_denied: Password login via OIDC-conformant clients with externally-hosted login pages is unsupported. Alternatively, login could have been initiated from the wrong place (e.g., a bookmark)

Steps to reproduce

  1. Use Classic Login Experience.
  2. Open the login page.
  3. Bookmark the login page.
  4. Log in once and then log out.
  5. Try logging in from the bookmarked login page.
  6. Get the error message: *Password login via OIDC-conformant clients…


  • An end-user bookmarked the login page.
  • An end-user kept the hosted login page open for more than 30 minutes.


Use the New Universal Login and configure the default login route, as described here.