Skip to main content
oAuth Domain Hint
Updated over 5 months ago

Certain Azure policies may not work when a domain hint is configured in the SSO setup.

Introduction

In this article we explain how the domain hint works and how to configure it in the Workspace.โ€‹

Domain hint explained

The regular oAuth flow is as follows:

oauth1.png

In the normal flow the Federated domain check is done after the user fills in the UPN. In the configuration with domain hint, this is already preconfigured by the admin in Workspace. In this way the SSO reply URL to will have the value of the federated domain included.

oauth2.png

The domain hint option provides a hint about the environment or domain that the user should use to sign in. The value of the domain_hint is a registered domain for the environment. If the environment is federated to an on-premises directory, Microsoft Entra ID (previously Azure AD) redirects to the specified environment federation server.


Set a domain hint

As an admin, go to the Workspace Settings and select Single sign-on. Make sure the manual setup is selected. Here you can set a domain hint (don't forget to click on Done to save it).

oAuthDomainHint.png

Did this answer your question?