[keycloak-dev] Passing login_hint up to IdP when using kc_idp_hint

Stian Thorgersen sthorger at redhat.com
Mon Dec 12 08:28:32 EST 2016


If you use login_hint + add an option to an IdP "pass login_hint", and also
remember to write some tests for it, we'd gladly accept it.

On 8 December 2016 at 15:37, Peter Chamberlin <
peter.chamberlin at digital.cabinet-office.gov.uk> wrote:

> Hi Marek,
>
> Thank you for your response. That's kind of what we thought.
>
> Would this be something that might be accepted into the core of Keycloak if
> we developed it as a configurable option?
>
> All the best,
>
> Peter
>
>
> On 8 December 2016 at 12:21, Marek Posolda <mposolda at redhat.com> wrote:
>
> > It doesn't seem it is possible ATM. The possibility is, that you create
> > your own implementation of identityProvider and you override method :
> >
> > createAuthorizationUrl(AuthenticationRequest request)
> >
> > The parameters of the original request, which was sent from your
> application to Keycloak, are available from the clientSession notes (which
> itself is available on the AuthenticationRequest).
> >
> > Marek
> >
> >
> > On 07/12/16 19:06, Peter Chamberlin wrote:
> >
> > Hi Keycloak team,
> >
> > I'm working on a system which uses Keycloak as a broker to both OIDC and
> > SAML2.0 IdPs. We are using `kc_idp_hint` for every request and Keycloak
> is
> > never exposed to the user. The system uses OIDC to connect to Keycloak.
> >
> > We would like to pass a `login_hint` or `subject` upstream to  IdPs
> > (depending if it's OIDC or SAML) as we expect to know the user's IdP user
> > name, but this does not work out of the box. I can't see anything in the
> > documentation that would enable it.
> >
> > Is it possible? If so how?
> >
> > Many thanks for any help or pointers you can give.
> >
> > Peter Chamberlin
> > _______________________________________________
> > keycloak-dev mailing listkeycloak-dev at lists.jboss.orghttps://
> lists.jboss.org/mailman/listinfo/keycloak-dev
> >
> >
> >
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>


More information about the keycloak-dev mailing list