Support homeSupport requestsSystem statusTrust center

Login hint support

Suggest Edits

Login hints elevate customer experiences by streamlining various aspects of the authentication and registration journeys. They enable seamless sign-in and registration for users by providing contextual information to Strivacity. Whether optimizing the sign-in flow for redirected users, simplifying the registration journey for new customers, or expediting the onboarding process for invited users, login hints allow you to deliver frictionless brand interactions.

📘

Strivacity also supports SAML-based login hints.

User identification login hint

You can streamline the sign-in experience with login hints when users are redirected from your application or website. In this scenario, Strivacity makes the account selection for the user, so users only have to enter their password or continue with MFA.

Once a user enters their credentials, you can pass a login hint parameter as a JWT token to the login flow containing the user’s identifier. Strivacity’s built-in login hint capability will automatically consume the JWT token at redirection.

📘

Strivacity expects the payload of the user identification login hint in the following format:

{ 

"type": "identifier", 

"metadata": {

 "username": "natalie.estevez", 

"email": "[email protected]" 

	} 

}

Registration login hint

Login hints also allow you to streamline the registration process for users making the first step towards your brand. After you’ve collected a user’s email address or other information on your website, you can pass on that information with a login hint parameter when they are redirected to sign up. This way users don’t have to enter the same information multiple times.

📘

Strivacity expects the payload of the user identification login hint in the following format:

{ "type": "registration", 

"metadata": { 

"attributes": { 

"name": { 

"givenName": "John", 

"middleName": "Hodor", 

"familyName": "Snow", 

"nickName": "Johnny"
			} 

		}

	}
}

SAML assertion

Strivacity supports SAML-based customization of user authentication. Strivacity as an SAML provider can accept login hints containing user information in the form of Subject.NameID, similar to how the login_hint parameter is used in OIDC.

Your brand portal can include the user’s Subject.NameID in the SAML AuthRequest sent to Strivacity’s authorization endpoint. Strivacity then consumes the request and authenticates the user by issuing a SAML assertion.

Strivacity expects the SAML AuthRequest in the following format:

<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="12345" Version="2.0" IssueInstant="2024-03-04T12:00:00Z" Destination="https://saml-provider.com/authn">
  saml:Issuer<https://yourbrandportal.io</saml:Issuer>>
  <samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"/>
  samlp:Subject
    <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">[email protected]</saml:NameID>
  </samlp:Subject>
</samlp:AuthnRequest>

Updated about 1 month ago