I want to configure an IdP-initiated URL such that the email of the authenticated user is included in the URL. I tried using the following format: https://xyz.io/idp?email={user.email}, but it didn’t work. Can anyone help?
Can you provide more details about your use case and desired behavior? Are you trying to log a user into a specific application through a specific Identity Provider?
Hey @andrea, my use case is that if I can find the email through the IdP URL (user.email), I can get to know the user before decoding the access token and find his tenant, instead of asking for another dynamic property while setting up.
My other question is that in Redirect URIs I have selected multiple URIs, as I have different domains, so that the request won’t be a Bad Request (400) when requesting from those different domains. But I see that I can add only one URI in Initiate Login URI. How should I handle the different domains here? I can set up a dynamic property (region), ask for input during customer configuration, and redirect the user to that particular domain, but we have one with https://abc.us1a.company.com and another with https://abc.company.com. Can I use OEL here? If not, how can I solve this problem? I can’t find any resources, please help me out.
I’m not sure I understand your use case. What/how/why are you determining the user’s email before receiving tokens for them?
That is correct, OIDC apps can only have a single Initiate Login URI, as that is the URI to which Okta will redirect the user if they launch the application from the End-User Dashboard (or via the App Embed URL). There is no support for OEL here, so you would likely need to create individual applications (hint, you can use a Bookmark app) for each individual domain and assign them to the users that should be using that domain.