Selecting the user organization#
If the service knows what organization the user is going to use on the login page, it is possible to prepopulate the organization choice on the login page. To do this, the user needs to be redirected via a special URL on the login page. This URL will save the organization choice in a cookie.
Implementation#
To select the organization for the user, the user must be redirected via the following URL:
https://idp.feide.no/simplesaml/module.php/feide/preselectOrg.php
This URL requires two query parameters:
HomeOrg: Realm to the user’s organization. E.g.uninett.nofor Uninett,feide.osloskolen.nofor Oslo kommune,skjaakskulane.nofor Skjåk kommune.ReturnTo: URL the user should be returned to after the organization choice is stored. This is normally a URL at the service that triggers login. Remember to URL-escape this parameter.
Realm#
See Finding the organization domain name of a school for how to find the domain name (realm) of an organization.
Example#
https://idp.feide.no/simplesaml/module.php/feide/preselectOrg.php?HomeOrg=uninett.no&ReturnTo=https%3A//sp.example.org/login%3Fmethod%3Dfeide
This URL will select Uninett as the organization.
Afterwards, the user will be sent to:
https://sp.example.org/login?method=feide
The latter URL should send a login request to Feide.
Notes#
The organization set with this method will override any organization choice made by the user. It is therefore important that the service is certain that the organization it selects is the correct organization.
Even when the organization selects the organization using this method, the user is still able to override it. The user can change the organization on the login page using the “Not your affiliation?”-link. The service must therefore be prepared for the possibility that the user will return from the login request with a user from another organization.