search

omniauth / omniauth-saml

A generic SAML strategy for OmniAuth
https://github.com/omniauth/omniauth-saml
Other
331 stars 205 forks source link

login_hint? #208

Closed HendrikPetertje closed 2 years ago

HendrikPetertje commented 2 years ago

Hey Omniauth SAML team!

I've been using your fantastic adapter for a while now, but have recently started to get questions from my customers about the ability to pre-fill their email address in the Microsoft Azure login page.

Apparently its possible to include a param &login_hint=username@example.com in SAML solutions like Microsoft Azure & Auth0 the header of the SAML request to automatically pre-fill the email address (or skip over filling in email address & password entirely if the user is already signed in, moving straight into multi-factor)

I am wondering how i should proceed to parse the email address coming from the login form of my website straight into a login_hint param for Auth0 and Azure AD, is there a way of doing this in omniauth_saml natively?

HendrikPetertje commented 2 years ago

I believe I found the right option!

in the provider settings:

 h[:idp_sso_service_url_runtime_params] = { username: :login_hint }

And then just post to the SSO login url with a "username" param!

jstuckey commented 10 months ago

Thank you for figuring this out and sharing the solution! I just made the same change for our application.