Hide Loginname suffix option not working
Hi there, I have an instance where no multiple domains per Org (as well as no multiple Orgs) are planned. I may have a conflicting setting now: since i wanted to have usernames, I kept the checkmark in the domainsettings for the suffix. Otherwise it would use the mailaddress as username which I do not want. So then, in order to not confuse my users, I have added the accessibility-checkmark on "Hide Loginname suffix", which works in the preview but the instance still requires
username@domain or else complains about a not found user.2 Replies
Hei @Milan To be able to hide the loginname suffix we need to know to which organization the user belongs, so we know in which organization to search for the username. You have to send the organization scope in your authentication request.
This should look something like this: https://mydomain-xyza.zitadel.cloud/oauth/v2/authorize?client_id=170086824411201793%40yourapp&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fapi%2Fauth%2Fcallback%2Fzitadel&response_type=code&scope=openid%20email%20profile%20urn%3Azitadel%3Aiam%3Aorg%3Aid%3A168811945419506433&code_challenge=9az09PjcfuENS7oDK7jUd2xAWRb-B3N7Sr3kDoWECOY&code_challenge_method=S256
If you want to see the behaviour of the login depending on the authentication request, you can have a look at our oidc playground, make sure to tick the organisation scope for your use case: https://zitadel.com/docs/apis/openidoauth/authrequest
ZITADEL Docs
The OIDC Playground is for testing OpenID Authentication Requests, giving you more insight how OpenID Connect works and how you can customize ZITADEL behavior with different parameters.