Prevent forwarding of login_hint to OIDC provider

My OIDC provider does not allow an empty value for the parameter login_hint. My connection’s upstream_params is empty, but login_hint is still sent as a query param with an empty value. How can I prevent this?

Hey there @petter welcome to the community!

Interesting - What happens if you explicitly set upstream_params to null using the Management API? Is the login_hint param still passed?

Let us know!

I have a similar need – for the OIDC provider I’m integrating with, they’ll prefill and disable the username input with whatever is passed through login_hint. Auth0 passes email, but this is not the identifier the users actually want to log in with.

I tried all of the following things:

"upstream_params": {} - Email still passed through
"upstream_params": null - Email still passed through
"upstream_params":{"login_hint": ""} - Payload validation error: 'Expected type object but found type string' on property options.upstream_params.login_hint.
"upstream_params":{"login_hint": null} - Payload validation error: 'Expected type object but found type null' on property options.upstream_params.login_hint.
"upstream_params":{"login_hint": {"value": ""}} - Email still passed through
"upstream_params":{"login_hint": {"value": " "}} - Worked for my use case

It would be good to get an official solution from Auth0 here. The last solution works for my use case, but I imagine for others it won’t (login_hint is still passed as a space, my OIDC provider just ignores it in this case).

If you don’t want to pass login_hint parameter to your OIDC provider, you could just alias login_hint to something else, for example:

    "upstream_params": {
        "acme_email": {
            "alias": "login_hint"
        }
    }
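One way to apply and check the settings tried in this thread, as an added example that is not part of any post here and not Auth0's code. It relies on the Management API's `PATCH /api/v2/connections/{id}` replacing the whole `options` object, so existing options are merged before sending. The helper names, connection options and redirect URLs are constructed for illustration.

```python
import copy
from urllib.parse import urlsplit, parse_qs


def build_patch_body(current_options, upstream_params):
    """Build the PATCH body for a connection without dropping existing options.

    current_options: the "options" object read back from the connection (GET).
    upstream_params: the entries to set, e.g. the alias from the answer above.
    """
    options = copy.deepcopy(current_options)
    # upstream_params may be missing or null on the stored connection.
    merged = dict(options.get("upstream_params") or {})
    merged.update(upstream_params)
    options["upstream_params"] = merged
    return {"options": options}


def login_hint_state(authorize_url):
    """Classify how login_hint appears in the redirect sent to the upstream IdP."""
    # keep_blank_values=True is required: by default parse_qs silently drops
    # "login_hint=" and the empty parameter would look absent.
    query = parse_qs(urlsplit(authorize_url).query, keep_blank_values=True)
    if "login_hint" not in query:
        return "absent"
    value = query["login_hint"][0]
    if value == "":
        return "empty"
    if value.strip() == "":
        return "whitespace"
    return "value"


# Constructed sample: options as they might be stored on an OIDC connection.
SAMPLE_OPTIONS = {
    "client_id": "constructed-client-id",
    "scope": "openid profile email",
    "upstream_params": None,
}

if __name__ == "__main__":
    body = build_patch_body(SAMPLE_OPTIONS, {"acme_email": {"alias": "login_hint"}})
    print(body)
    # Constructed redirect URLs, as captured from the browser's network tab.
    for url in (
        "https://idp.example/authorize?client_id=abc&login_hint=&scope=openid",
        "https://idp.example/authorize?client_id=abc&login_hint=%20",
        "https://idp.example/authorize?client_id=abc&acme_email=user%40example.com",
    ):
        print(login_hint_state(url), url)
```

Capture the redirect to the upstream provider after each change and run it through `login_hint_state` to see whether the parameter is absent, empty, whitespace or carries a value.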