[keycloak-dev] Passing login_hint up to IdP when using kc_idp_hint
peter.chamberlin at digital.cabinet-office.gov.uk
Wed Dec 7 13:06:08 EST 2016
Hi Keycloak team,
I'm working on a system which uses Keycloak as a broker to both OIDC and
SAML2.0 IdPs. We are using `kc_idp_hint` for every request and Keycloak is
never exposed to the user. The system uses OIDC to connect to Keycloak.
We would like to pass a `login_hint` or `subject` upstream to IdPs
(depending if it's OIDC or SAML) as we expect to know the user's IdP user
name, but this does not work out of the box. I can't see anything in the
documentation that would enable it.
Is it possible? If so how?
Many thanks for any help or pointers you can give.
More information about the keycloak-dev