xgp
commented
3 months ago It is not asking for the IDP's username/password. It is failing to match an organization IdP based on email domain, and it is presenting a normal username/password login. If it had matched the email domain, it would have redirected to your configured IdP.
There's a quick video showing how a sample setup would work https://youtu.be/wAeT07JGhOI?si=NWDqMGpKAjWAs0mi
For the first login screen it is actually looking for the domain name and NOT email. Why can't we have the screen which asks for the domain and NOT email.
Sounds like you have a pretty strong opinion about what should happen. You should create a custom Authenticator that does that.
I've added Home IDP Discovery Authenticator. When I tried to login it asks for username/email after entering it asks me IDP's username/password. We can give different email in first screen and different email for IDP. For the first login screen it is actually looking for the domain name and NOT email. Why can't we have the screen which asks for the domain and NOT email. Any suggestions?