Follow

oAuth Domain Hint

Quick reference:
Settings -> Single sign-on

Table of contents

 

Introduction

In this article we explain how the domain hint works and how to configure it in the Workspace. 

Domain hint explained

The regular oAuth flow is as follow:

Regular_oAuth_flow.png

In the normal flow the Federated domain check is done after the user fills in the UPN. In the configuration with domain hint, this is already preconfigured by the admin in Workspace. In this way the SSO reply URL to will have the value of the federated domain included. 

oAuth_flow_2.png

The domain hint option provides a hint about the tenant or domain that the user should use to sign in. The value of the domain_hint is a registered domain for the tenant. If the tenant is federated to an on-premises directory, Azure Active Directory redirects to the specified tenant federation server.

 

Set a domain hint

Ad an admin, go to the Workspace settings and select Single sign-on. Make sure the manual setup is selected. Here you can set a domain hint (don't forget to click on Done to save it). 

domain_hint.PNG

Back to top