diff --git a/lib/core/src/lib/auth/oidc/auth-routing.module.ts b/lib/core/src/lib/auth/oidc/auth-routing.module.ts
index 7308e3cde1..53406b208a 100644
--- a/lib/core/src/lib/auth/oidc/auth-routing.module.ts
+++ b/lib/core/src/lib/auth/oidc/auth-routing.module.ts
@@ -18,9 +18,10 @@
 import { NgModule } from '@angular/core';
 import { RouterModule, Routes } from '@angular/router';
 import { AuthenticationConfirmationComponent } from './view/authentication-confirmation/authentication-confirmation.component';
+import { OidcAuthGuard } from './oidc-auth.guard';
 
 const routes: Routes = [
-  { path: 'view/authentication-confirmation', component: AuthenticationConfirmationComponent }
+  { path: 'view/authentication-confirmation', component: AuthenticationConfirmationComponent, canActivate: [OidcAuthGuard]}
 ];
 
 @NgModule({
diff --git a/lib/core/src/lib/auth/oidc/auth.module.ts b/lib/core/src/lib/auth/oidc/auth.module.ts
index 8fc7a1328f..4d8d9d52ac 100644
--- a/lib/core/src/lib/auth/oidc/auth.module.ts
+++ b/lib/core/src/lib/auth/oidc/auth.module.ts
@@ -61,7 +61,8 @@ export function loginFactory(oAuthService: OAuthService, storage: OAuthStorage,
             useFactory: loginFactory,
             deps: [OAuthService, OAuthStorage, AUTH_CONFIG],
             multi: true
-        }
+        },
+        OidcAuthGuard
     ]
 })
 export class AuthModule {
diff --git a/lib/core/src/lib/auth/oidc/auth.service.ts b/lib/core/src/lib/auth/oidc/auth.service.ts
index be027665ab..920d933402 100644
--- a/lib/core/src/lib/auth/oidc/auth.service.ts
+++ b/lib/core/src/lib/auth/oidc/auth.service.ts
@@ -15,7 +15,7 @@
  * limitations under the License.
  */
 
-import { TokenResponse } from 'angular-oauth2-oidc';
+import { LoginOptions, TokenResponse } from 'angular-oauth2-oidc';
 import { Observable } from 'rxjs';
 
 /**
@@ -54,6 +54,6 @@ export abstract class AuthService {
    *
    * @returns Promise, resolve with stored state, reject if unable to reach IdP
    */
-  abstract loginCallback(): Promise<string | undefined>;
+  abstract loginCallback(loginOptions?: LoginOptions): Promise<string | undefined>;
   abstract updateIDPConfiguration(...args: any[]): void;
 }
diff --git a/lib/core/src/lib/auth/oidc/oidc-auth.guard.ts b/lib/core/src/lib/auth/oidc/oidc-auth.guard.ts
index fa0d4e7738..c7c2f68490 100644
--- a/lib/core/src/lib/auth/oidc/oidc-auth.guard.ts
+++ b/lib/core/src/lib/auth/oidc/oidc-auth.guard.ts
@@ -16,7 +16,7 @@
  */
 
 import { Injectable } from '@angular/core';
-import { ActivatedRouteSnapshot, CanActivate, RouterStateSnapshot, UrlTree } from '@angular/router';
+import { CanActivate, UrlTree } from '@angular/router';
 import { Observable } from 'rxjs';
 import { AuthService } from './auth.service';
 
@@ -25,22 +25,20 @@ export class OidcAuthGuard implements CanActivate {
   constructor(private auth: AuthService) {}
 
   canActivate(
-    _route: ActivatedRouteSnapshot,
-    state: RouterStateSnapshot
   ): Observable<boolean | UrlTree> | Promise<boolean | UrlTree> | boolean | UrlTree {
-    return this._isAuthenticated(state);
+    return this._isAuthenticated();
   }
 
-  canActivateChild(_route: ActivatedRouteSnapshot, state: RouterStateSnapshot) {
-    return this._isAuthenticated(state);
+  canActivateChild() {
+    return this._isAuthenticated();
   }
 
-  private _isAuthenticated(state: RouterStateSnapshot) {
+  private _isAuthenticated() {
     if (this.auth.authenticated) {
       return true;
     }
 
-    const loginResult = this.auth.login(state.url);
+    const loginResult = this.auth.loginCallback({customHashFragment: window.location.search});
 
     if (loginResult instanceof Promise) {
       return loginResult.then(() => true).catch(() => false);
diff --git a/lib/core/src/lib/auth/oidc/redirect-auth.service.ts b/lib/core/src/lib/auth/oidc/redirect-auth.service.ts
index 5f7a3cc223..cc078b6152 100644
--- a/lib/core/src/lib/auth/oidc/redirect-auth.service.ts
+++ b/lib/core/src/lib/auth/oidc/redirect-auth.service.ts
@@ -16,7 +16,7 @@
  */
 
 import { Inject, Injectable } from '@angular/core';
-import { AuthConfig, AUTH_CONFIG, OAuthErrorEvent, OAuthService, OAuthStorage, TokenResponse } from 'angular-oauth2-oidc';
+import { AuthConfig, AUTH_CONFIG, OAuthErrorEvent, OAuthService, OAuthStorage, TokenResponse, LoginOptions } from 'angular-oauth2-oidc';
 import { JwksValidationHandler } from 'angular-oauth2-oidc-jwks';
 import { from, Observable } from 'rxjs';
 import { distinctUntilChanged, filter, map, shareReplay } from 'rxjs/operators';
@@ -127,9 +127,9 @@ export class RedirectAuthService extends AuthService {
     );
   }
 
-  async loginCallback(): Promise<string | undefined> {
+  async loginCallback(loginOptions?: LoginOptions): Promise<string | undefined> {
     return this.ensureDiscoveryDocument()
-      .then(() => this.oauthService.tryLogin({ preventClearHashAfterLogin: true }))
+      .then(() => this.oauthService.tryLogin({ ...loginOptions, preventClearHashAfterLogin: true }))
       .then(() => this._getRedirectUrl());
   }