Skip to main content

Domain Hinting

Domain Hinting is a mechanism used to bypass the Home Realm Discovery (HRD) screen and direct a user straight to their organization's Identity Provider.

How it Works

When an application initiates an authentication request, it can include a domain_hint parameter in the URL.

Example: https://idp.identix.io/oauth2/authorize?client_id=app1&...&domain_hint=example.com

Identity Broker checks if example.com is mapped to a specific Identity Provider (e.g., "ExampleCorp Azure AD"). If a match is found, the user is immediately redirected to that IDP, skipping the email entry screen.

Configuration

  1. Navigate to Services > Domain Mappings.
  2. Associate a domain (e.g., example.com) with a Federated IDP.
  3. Ensure the Client Application sends the hint.