Overview#
Login_hint is an OPTIONAL parameter in the Authentication Request as a "Hint" to the Authorization Server about the login identifier the End-User might use to log in (if necessary).Login_hint can be used by a Relying Party (OAuth Client) when it knows the End-User's e-mail address (or other identifier) and then wants to pass that value as a hint to the discovered Authorization Server within the Authentication Request
It is RECOMMENDED that the hint value match the value used for discovery. This value MAY also be a phone number in the format specified for the phone_number Claim.
Google[1], Azure use of Login_hint#
When your app knows which user that is trying to authenticate, it can provide the Login_hint parameter as a hint in the Authorization Request. Passing the Login_hint suppresses the Account Chooser and either pre-fill the email box on the sign-in form, or select the proper session (if the user is using multiple sign-in), which can help you avoid problems that occur if your app logs in the wrong user account.The value can be either an email address or the sub string, which is equivalent to the user's Google Account.
The use of this parameter is left to the Identity Provider (IDP)'s discretion.
Azure specifying login_hint=user@domain.com with the username in the Authorization Request URL to tell Azure which account the user could use. If they are already signed-in, they will not prompt the user to select the account.
More Information#
There might be more information for this subject on one of the following:- [#1] - Authentication URI parameters
- based on information obtained 2016-02-16