Overview
This article addresses whether it is possible to configure a Single Sign-On (SSO) enterprise connection to send only the username portion of an email as the login_hint parameter. This scenario applies when a specific identity provider, such as Active Directory Federation Services (ADFS), requires only the username for login, while other connections require the full email address.
Applies To
- SSO Enterprise Connections
- Active Directory Federation Services (ADFS)
- Azure AD
- Login Hint
Solution
It is not possible to configure the system to send only the username portion of an email as the login_hint for a specific enterprise connection. When the login_hint parameter is used, it sends the full email address entered by the user.
While a similar feature, defaultADUsernameFromEmailPrefix, exists within Lock, this option cannot be isolated to a single enterprise connection. More information on this Lock-specific feature is available in the Lock Configuration Documentation.