[IdP] Login Hint URL parameter does not get encoded when added to a URL.

Back to Forums

Peter Heberlein

Question

Forge

OutSystems 11

Traditional Web

Application Type

Traditional Web

There seems to be an issue where the Idp module is not encoding the 'LoginHint' variable when it is appended to the URL returned by the Idp_SSO_URL action as 'login_hint'.

I can see several places in the Idp module where other URL parmeters are appended with the value wrapped in the EncodeURL() function.

However, it doesn't appear to be using EncodeUrl() when appending the 'login_hint' url parameter. Can this please be added in a future release?

Example LoginHint parameter: abc+test4@gmail.com

Result: &login_hint=abc test4@gmail.com

I have a workaround to pass in the value encoded, but seems like it ought to be handled inside the Idp Module.

21 Oct 2025

Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.

See the full guidelines