Hi @DisplayName-3010 • Thank you for reaching out.
To use Domain Hint in SAML, the SAML authentication request must contain either a domain hint or a query string whr=example.com"
To include the domain hint in the SAML request, you should use the Scoping XML node, and include a single entry IDPEntry under the IDPList (at this time, only the first IDPEntry node is used by Azure AD). Here’s an example of what the request would look like with “example.com” as the domain name hint:
<samlp:AuthnRequest xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="iddeb9381bc15e4fd6a253b97205d47c6f" Version="2.0" IssueInstant="2015-02-26T18:57:06.4772751Z" IsPassive="false" AssertionConsumerServiceURL="https://www.authnauthz.com/saml/inboundauthnresponse" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
<saml:Issuer>https://www.authnauthz.com</saml:Issuer>
<samlp:Scoping>
<samlp:IDPList>
<samlp:IDPEntry ProviderID="https://example.com" Name=”example.com”/>
</samlp:IDPList>
</samlp:Scoping>
</samlp:AuthnRequest>
-----------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.