question

KarikalanRamakrishn-2625 avatar image
0 Votes"
KarikalanRamakrishn-2625 asked amanpreetsingh-msft commented

How to pass login_hint when using Idp initiated sign in flow - Azure SAML B2C Custom policy?

I'm using B2C SAML authentication custom policy. Also this thru Idp initiated sign-in flow. i.e. https://.b2clogin.com/.onmicrosoft.com//generic/login?EntityId=app-identifier-uri -https://docs.microsoft.com/en-us/azure/active-directory-b2c/saml-service-provider-options?pivots=b2c-custom-policy

My requirement is that I want to pass "login_hint" thru the URL as explained in https://docs.microsoft.com/bs-latn-ba/azure/active-directory-b2c/direct-signin?pivots=b2c-user-flow

Not sure this is applicable to OIDC protocol only. Not for SAML? Even if its applicable to SAML, not sure for Idp initiated sign-in URL, how to pass the login_hint parameter value. Any example OR guidelines will be greatly appreciated. Thanks

azure-ad-b2c
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

amanpreetsingh-msft avatar image
1 Vote"
amanpreetsingh-msft answered amanpreetsingh-msft commented

Hi @KarikalanRamakrishn-2625 • Thank you for reaching out.

Spec-wise, login_hint is a subject field in SAML authN request. However, Azure AD B2C does not support parsing out user hint from subject claim in the request. So, as of now, B2C can use login_hint only when OIDC/OAuth is used.


Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Great, thanks for the confirmation Aman.

0 Votes 0 ·