Passing username to External IDP in URI

andyg1978 · March 21, 2022, 11:02am

Hi all

Apologies if this has been answered before but I could not find it. I am configuring a SAML Identity provider to provide SSO to my Okta console. This is all working but as it stands the users have to enter their email address twice, one on the Okta logon screen and the second on the IDP logon screen, so not the best end user experience.
The External IDP supports the username being passed as part of the URI string for example;
/idp/logon?username=mickey.mouse@disney.com

What I can’t seem to work out is how to get Okta to do this as part of the SSO redirect. I have tried a number of different ways such as;
/idp/logon?username=${user.name}
/idp/logon?username={user.name}
/idp/logon?username=$user.name
/idp/logon?username=${saml_idp.username}

None seem to work. Is it possible to pass a variable as part of the SingleSignOn URL and if so, what am I doing wrong.

Thanks in advance for any help or suggestions.

Andy

warren · March 22, 2022, 4:59pm

It’s not possible to add a variable with a dynamic value to the url. It sounds like Okta will send the “LoginHint” parameter to the IdP containing the username but I guess that’s not what your external IdP supports.

Okta also supports passing the identifier to the IdP with parameter “LoginHint”, so that the user doesn’t need to input the identifier again when redirected to IdP to sign in.

system · April 4, 2022, 8:03am

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.

Post		Replies	Views
Pass in username from identity server OAuth/OIDC	1	2362	February 12, 2024
Okta SAML JIT & matching against unique identifier SAML saml	2	3308	August 11, 2021
Okta IDP prefill userName SAML	3	3536	February 8, 2024
Pass username on URL login okta SAML	7	10611	November 22, 2021
Okta expressions: changing username passed to external IDP Questions	1	2908	February 8, 2024

Passing username to External IDP in URI

Related topics