This documentation is for WSO2 Identity Server 5.2.0. View documentation for the latest release.
Page Comparison - Customizing the Authentication Endpoint (v.7 vs v.8) - Identity Server 5.2.0 - WSO2 Documentation

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


  1. Shutdown the server if it is already started.
  2. Set the property tenantListEnabled=false in the file.

    • If you are hosting the authenticationendpoint.war webapp within WSO2 Identity Server, set this property in the <IS_HOME>/repository/conf/identity/ file.

    • If you are hosting it outside the WSO2 Identity Server (i.e., external Tomcat or WSO2 Application Server), set this property in the <IS_HOME>/repository/deployment/server/webapps/authenticationendpoint/WEB-INF/classes/ file.  
  3. Set TenantDomainDropDownEnabled parameter to false in the <IS_HOME>/repository/conf/identity/application-authentication.xml file.

    Code Block
  4. If the MutualSSLAuthenticator is only used for the purpose of listing tenant domains in the drop down, disable it in the <IS_HOME>/repository/conf/security/authenticators.xml file.

    Code Block
    <Authenticator name="MutualSSLAuthenticator" disabled="true">
  5. Restart the server.

Customizing the authentication endpoint webapp to support browser back button action and


access via bookmarked sign-in page

This section describes how you can customize the authentication endpoint webapp to seamlessly handle the following actions:


  1. Clone the authentication browser back button handler git repo and navigate to the source directory.
  2. Execute the following command to build the CustomLoginEndpointUtils-1.0.0.jar:

    Code Block
    mvn clean install
  3. Copy the CustomLoginEndpointUtils-1.0.0.jar to the <IS_HOME>/repository/components/dropins directory.
  4. Copy the check_session_id.jsp file from the artifacts directory of the cloned git repo to the <IS_HOME>/repository/deployment/server/webapps/authenticationendpoint directory.
  5. Edit the <IS_HOME>/repository/deployment/server/webapps/authenticationendpoint/WEB-INF/web.xml file and add the following entries:

    Code Block
  6. Edit the <IS_HOME>/repository/deployment/server/webapps/authenticationendpoint/login.jsp file and update the <head> element as follows:

    Code Block
     function checkSessionKey() {
     type: “GET”,
     url: ‘’ + getParameterByName(‘sessionDataKey’) + ‘&relyingParty=’ + getParameterByName(‘relyingParty’) + ‘&tenantDomain=’ + getParameterByName(‘tenantDomain’),
     success: function (data) {
     var response = JSON.parse(data);
     if (response && response.status == “redirect” && response.redirectUrl && response.redirectUrl.length > 0) {
     window.location.href = response.redirectUrl;
    function getParameterByName(name, url) {
     if (!url) {
     url = window.location.href;
     name = name.replace(/[\[\]]/g, “\\$&”);
     var regex = new RegExp(“[?&]” + name + “(=([^&#]*)|&|#|$)”),
     results = regex.exec(url);
     if (!results) return null;
     if (!results[2]) return ‘’;
     return decodeURIComponent(results[2].replace(/\+/g, “ “));
    In the same login.jsp file add below change to <body> element.
     <body onload=”checkSessionKey()”>
    Now add the following line to the as the last line in the <script> element in same login.jsp.
     window.onunload = function(){};


    If necessary, you can get the complete login.jsp page content with all the changes specified above from here.

  7. Restart WSO2 Identity Server.