=== Client Suggested Identity Provider Each identity provider has an option `Authenticate By Default`, which allows that Identity provider to be automatically selected during authentication. The user won't see the {{book.project.name}} login page and will instead be automatically redirected to the default identity provider. OIDC applications can also bypass the {{book.project.name}} login page by specifying a hint on which identity provider they want to use. This is done by appending the `kc_idp_hint` query parameter in the Authorization Code Flow authorization endpoint. {{book.project.name}} OIDC client adapters also allow you to specify this query parameter when you access a secured resource at the application. For example [source,java] ---- GET /myapplication.com?kc_idp_hint=facebook HTTP/1.1 Host: localhost:8080 ---- In this case, is expected that your realm has an identity provider with an alias `facebook`. If you are using `keycloak.js` adapter, you can also achieve the same behavior: [source,java] ---- var keycloak = new Keycloak('keycloak.json'); keycloak.createLoginUrl({ idpHint: 'facebook' }); ----