Hello! I am using Okta as my primary IdP. I have a use case where i receive a login url with a dynamic query parameter. ex (www.exampleabc.com?custom_param=123) . I navigate to my login discovery page and based on the email domain entered, the Okta routing rule redirects the browser to external IdP.(This external IdP is a Custom OIDC Integration within Okta) During this redirection I need to include custom_param=123 as part of the authorize request of the externalIdP. External Idp Supports this in their payload.
I see okta supports static params as part of authorize request in Admin console, but dynamic param in the form of OEL are not supported . I have come across solutions where I see this can be handled using standard state param to carry this value / relay proxy server intercepting and injecting this custom param before redirection to external IdP. But need some inputs on the right and safe way to achieve this, and also if this can be achieved within okta without a relay server (if Okta can persist the custom param)
Flow: Login URL→Okta→(Routing Rule)→External IdP