oAuth Domain Hint
Table of contents
Introduction
In this article we explain how the domain hint works and how to configure it in the Workspace.
Domain hint explained
The regular oAuth flow is as follow:
In the normal flow the Federated domain check is done after the user fills in the UPN. In the configuration with domain hint, this is already preconfigured by the admin in Workspace. In this way the SSO reply URL to will have the value of the federated domain included.
The domain hint option provides a hint about the tenant or domain that the user should use to sign in. The value of the domain_hint is a registered domain for the tenant. If the tenant is federated to an on-premises directory, Azure Active Directory redirects to the specified tenant federation server.
Set a domain hint
Ad an admin, go to the Workspace settings and select Single sign-on. Make sure the manual setup is selected. Here you can set a domain hint (don't forget to click on Done to save it).